macos-admin

The skill's stated purpose as a macOS admin automation tool is broadly coherent with its capabilities. However, the footprint raises several security concerns: reliance on elevated privileges, handling of admin credentials via environment variables, and the ability to enable/disable core security features (SIP, FileVault) and manage users. Without strict per-action approval, input validation, least-privilege execution, and secure credential handling (e.g., using keychain or token-based authentication rather than env vars), this skill leans toward a high-risk, potentially destructive tool. It is reasonable for legitimate enterprise workflows if paired with rigorous access controls, auditing, and explicit user consent for each sensitive operation; otherwise, classify as Suspicious due to privilege scope and credential handling risks.