Mlx Apple Silicon Mlx
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is a coherent local-MLX setup guide, but it asks users to install external Python tools and run a local multi-device router service.
This skill appears benign and purpose-aligned for running a local MLX AI fleet on Apple Silicon. Before installing, verify the external Python packages, run the router only on trusted devices/networks, and be mindful that prompts, audio, and generated content may pass through the local fleet service.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing these packages will run code from external package repositories on the user’s Mac.
The skill instructs installation of external, unpinned packages. This is purpose-aligned for a local AI stack, but the package code is not included in the reviewed artifacts.
pip install ollama-herd ... uv tool install mflux ... uv tool install diffusionkit
Install only if you trust the package sources; consider checking the PyPI/GitHub project, versions, and dependencies before running the setup.
A local AI service may keep running and coordinate with other devices until the user stops it.
The skill tells users to run long-lived router and node processes. This is disclosed and central to the fleet-routing purpose, but it affects the local runtime environment.
herd # start the router (port 11435) herd-node # run on each device — finds the router automatically
Run the router and nodes only when needed, understand how to stop them, and use them on trusted devices/networks.
Data sent to the local API, such as prompts or audio files, may be processed by the local router and connected nodes.
The skill describes a multi-device local fleet router. That is expected for this tool, but prompts, audio, or generated workloads may be routed through local services/devices.
One fleet router coordinates all four across Mac Studio, Mac Mini, MacBook Pro.
Use the fleet only with trusted local machines and avoid sending sensitive files unless you are comfortable with how the local service handles them.