BlueBubbles (tc)

Pass

Audited by ClawScan on May 11, 2026.

Overview

No malicious behavior is shown, but this skill gives an assistant access to a BlueBubbles/iMessage server, so messaging actions and sender access should be tightly limited.

Install only if you operate and trust the BlueBubbles server. Restrict allowed_senders to trusted handles, keep the server password secure, and require confirmation before the assistant sends messages, uploads attachments, edits, reacts, or unsends iMessages.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If enabled without safeguards, the assistant could send messages, attachments, reactions, edits, or unsends through the user's BlueBubbles/iMessage setup.

Why it was flagged

These are direct external messaging and message-management actions. They fit the skill purpose, but users should notice that mistaken or autonomous use could send or modify real iMessages.

Skill content

Supports text messages, attachments, reactions, edits, unsend, and iMessage effects.

Recommendation

Require explicit user confirmation for recipient, content, and attachments before any send/edit/unsend action, and limit which tools the agent may call.

What this means

Anyone covered by the sender configuration may be able to interact with the messaging gateway, and the stored password can authorize access to the BlueBubbles server.

Why it was flagged

The skill requires a BlueBubbles server password and shows a wildcard sender allow-list. This is expected for a messaging gateway, but it grants broad access unless the user narrows it.

Skill content

password = "your-server-password"
allowed_senders = ["*"]  # Allow all senders, or list specific handles

Recommendation

Use a strong unique BlueBubbles password, store it securely, and replace allowed_senders = ["*"] with only trusted handles whenever possible.

What this means

The supplied artifacts do not show how the referenced tools are implemented or constrained.

Why it was flagged

There is no bundled implementation to inspect. That is not inherently unsafe, but users must rely on their existing BlueBubbles/gateway tooling for actual behavior and security.

Skill content

No install spec — this is an instruction-only skill.

Recommendation

Verify the BlueBubbles server and gateway tool implementation separately before granting it message-sending authority.