iOS Simulator Skill
Security checks across malware telemetry and agentic risk
Overview
This appears to be a legitimate iOS Simulator automation wrapper, but it can run local Xcode/idb commands and change or erase simulator state, so destructive actions should be supervised.
This skill is reasonable for iOS Simulator development and testing, but treat it like a local automation tool with real ability to change simulator state. Before installing or using it, verify the optional idb dependencies, run it only on a trusted macOS development machine, and require explicit approval for erase/delete and other state-changing commands.
VirusTotal
64/64 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent using this skill could install or remove apps, change simulated permissions, manipulate the simulator clipboard/UI, or erase/delete simulator devices if instructed.
The skill exposes commands that can alter simulator/app state or delete simulator data. This is disclosed and purpose-aligned for iOS testing, but it is still high-impact enough that users should supervise those operations.
CAUTION | `privacy *`, `push`, `clipboard *`, `openurl` ...
DANGEROUS | `erase`, `delete` | Requires `--yes`
Use it on a development simulator only, confirm the target UDID and bundle ID, and require explicit human approval before erase, delete, privacy, clipboard, push, openurl, or UI automation actions.
The skill can execute local xcrun/idb-related commands on the Mac or configured macOS node.
The script runs local command-line tools. This is expected for the stated simulator automation purpose, and the visible spawn call avoids shell mode.
const child = spawn(cmd, args, { ... shell: false, });
Run it only from a trusted checkout on a trusted macOS development machine, and review commands before allowing an agent to execute them.
Installing optional UI automation support may pull current versions of external tools onto the development machine.
The skill documents optional external dependencies installed through brew and pip without version pins. These are expected for idb-based iOS UI automation, but users should verify the packages and source.
brew tap facebook/fb
brew install idb-companion
python3 -m pip install --upgrade fb-idb
Verify the package sources, consider pinning versions in controlled environments, and install only if idb-based UI automation is needed.
