macos-accessibility
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL
Full Analysis
- PROMPT_INJECTION (SAFE): No instructions or prompt patterns detected; content is strictly documentation and code snippets.
- DATA_EXFILTRATION (SAFE): No network exfiltration or credential exposure detected. The reference to the TCC database (
TCC.db) is for diagnostic purposes and correctly identifies the high-level system permissions required. - COMMAND_EXECUTION (SAFE): Subprocess usage is limited to a secure implementation of the
codesignutility for signature verification, avoiding shell injection by using list-based arguments. - EXTERNAL_DOWNLOADS (SAFE): No external downloads or remote script execution patterns identified.
- OBFUSCATION (SAFE): Content is clear and readable with no signs of encoding or hidden characters.
- DYNAMIC_EXECUTION (SAFE): No use of
eval(),exec(), or runtime code generation observed.
Recommendations
- Contains 2 malicious URL(s) - DO NOT USE
Audit Metadata