macos-security-bypass
Fail
Audited by Snyk on Apr 9, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E006: Malicious code pattern detected in skill scripts.
- Malicious code pattern detected (high risk: 1.00). This playbook provides explicit, actionable techniques to bypass macOS security controls (TCC, Gatekeeper, SIP, sandboxing, entitlements), exploit known CVEs, perform unauthorized access to protected data, install persistent backdoors (LaunchAgents/Daemons, rogue MDM/PPPC profiles, post‑install scripts), and otherwise enable data exfiltration, credential theft, and privilege escalation—constituting high-risk malicious capability and dual‑use abuse potential.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 1.00). This skill explicitly instructs the agent to perform privileged actions that modify system state and bypass macOS security mechanisms (TCC DB edits, removing quarantine attributes, disabling SIP, creating LaunchDaemons/LaunchAgents, persistence, etc.), which directly compromise the host.
Issues (2)
- E006 (CRITICAL): Malicious code pattern detected in skill scripts.
- W013 (MEDIUM): Attempt to modify system services in skill instructions.
Audit Metadata