OpenClaw with Apple
Fail
Audited by Snyk on Mar 14, 2026
Risk Level: CRITICAL
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs the agent to ask users for Apple ID/passwords, app-specific passwords, and 2FA codes and to embed them verbatim into export commands and CLI calls (e.g., export ICLOUD_PASSWORD="..." and python icloud_tool.py verify 123456), which forces the LLM to handle secrets in its output.
CRITICAL E006: Malicious code pattern detected in skill scripts.
- Malicious code pattern detected (high risk: 0.90). High-risk: the skill explicitly instructs users to hand over Apple ID main passwords, app-specific passwords, and 2FA codes (including telling users to "send the 6‑digit code to me"), caches session tokens for long‑term reuse, and runs background processes that repeatedly read highly sensitive data (photos, iCloud Drive, Find My GPS, Apple Health) — enabling credential harvesting, account takeover, and persistent privacy-invasive access even though there is no obvious obfuscated payload or external exfiltration endpoint in the code itself.
Issues (2)
- W007 (HIGH): Insecure credential handling detected in skill instructions.
- E006 (CRITICAL): Malicious code pattern detected in skill scripts.
Audit Metadata