macbook-desktop-mode

Fail

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: HIGH
Categories: PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The skill contains 'Self-Evolving' instructions that direct the agent to modify the SKILL.md file based on its own runtime experiences and 'reproducible issues'.
      • Evidence: 'This skill improves through use. If instructions are wrong... fix this file immediately, don't defer.'
      • Evidence: 'Post-Execution Reflection: After this skill completes, reflect before closing the task... fix the instruction that caused it.'
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute administrative commands and manage background persistence via system-level tools.
      • Evidence: Use of 'sudo pmset -c sleep 0' to modify system power policies.
      • Evidence: Instructions to compile Swift code with 'swiftc' and deploy it as a persistent background agent using 'launchctl' and plist files in '~/Library/LaunchAgents/'.
  • [EXTERNAL_DOWNLOADS]: The skill encourages the installation of third-party hardware control software from external repositories.
      • Evidence: Recommends 'brew install uhubctl' to enable software-controlled USB port resets.
  • [DATA_EXFILTRATION]: The skill documents a notification mechanism that combines sensitive file access with network operations.
      • Evidence: Describes loading Telegram notification credentials from a '.env' file ('credentials loaded from a dotenv file at startup').
      • Evidence: Implements data transmission to an external API using 'curl' via a subprocess ('Telegram via curl subprocess').
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Apr 4, 2026, 09:51 AM