Skills
skills/qwibitai/nanoclaw/convert-to-apple-container/Gen Agent Trust Hub

convert-to-apple-container

Fail

Audited by Gen Agent Trust Hub on Apr 26, 2026

Risk Level: HIGHCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PRIVILEGE_ESCALATION]: The skill executes commands with elevated privileges using sudo to modify system firewall rules and persist them to /etc/pf.conf.
  • [COMMAND_EXECUTION]: Executes multiple shell commands for environment configuration, git operations, testing, and container management, including pfctl for network control.
  • [PERSISTENCE_MECHANISMS]: Modifies the system-wide /etc/pf.conf file to ensure firewall rules persist across sessions and system reboots.
  • [EXTERNAL_DOWNLOADS]: Fetches source code and updates from the developer's GitHub repository (github.com/qwibitai/nanoclaw.git) and references binary releases from Apple's official GitHub repository.
  • [DATA_EXPOSURE]: Configures a 'credential proxy' to bind to 0.0.0.0, which exposes the service and potentially sensitive credentials to the local network (mitigated by subsequent firewall instructions).
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Apr 26, 2026, 09:50 PM