macos-cleaner
Fail
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: CRITICALEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the 'Mole' CLI tool from an external GitHub repository (tw93/tap/mole) using Homebrew. This repository is not associated with the verified vendors listed in the trusted scope.
- [COMMAND_EXECUTION]: Multiple Python scripts (analyze_caches.py, analyze_dev_env.py, analyze_large_files.py) utilize the subprocess module to execute system-level commands such as du, df, find, docker, brew, and npm to perform disk usage analysis.
- [DATA_EXFILTRATION]: The skill performs deep scans of sensitive user directories, including ~/Library/Caches, ~/Library/Application Support, ~/Library/Preferences, and ~/Library/Containers. These areas contain application-specific metadata and potential user data. While no network exfiltration patterns were detected in the provided code, the skill possesses broad read access to these sensitive locations.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata