macos-cleaner

This skill appears to be a legitimate macOS disk-analysis and cleanup assistant that emphasizes safety and user confirmation. I found no evidence of obfuscated or malicious code, remote exfiltration, or credential harvesting. The primary security concern is operational: the documentation includes explicit destructive commands (rm -rf paths, pip cache purge, docker volume rm) which are appropriate for a cleanup tool but present a real risk of accidental data loss if users blindly copy-paste or if an implementation ignores the 'never auto-execute' rule. Recommend: keep the strong safety-first constraints, consider replacing literal 'rm -rf' examples with safer, more explicit steps (e.g., show commands but also show an explicit checklist and require user to type 'CONFIRM' rather than pressing enter), and ensure any implementation never executes destructive commands without an explicit, intentional local user action.