iCloud

Name: iCloud
Author: ivangdavila

功能描述

Let agents operate your iCloud Drive, Photos, and Find My safely with local 2FA authentication and explicit confirmation gates.

使用说明 (SKILL.md)

Setup

On first use, read setup.md for secure integration guidelines.

When to Use

Use this skill when the user wants agents to interact with their own iCloud account: list devices, retrieve Find My status, inspect iCloud Drive, or pull photo metadata/files. Use it for operational automation with strict safety gates, not for bypassing Apple account security.

Architecture

Memory lives in ~/icloud/. See memory-template.md for structure and status fields.

~/icloud/
|-- memory.md               # Status, integration mode, and current account scope
|-- operations-log.md       # Executed commands, result checks, and rollback notes
|-- device-map.md           # Known device aliases and stable IDs
|-- drive-map.md            # iCloud Drive folder map and verified paths
`-- safety-events.md        # Confirmed risky actions and explicit approvals

Quick Reference

Load only the file needed for the current task.

Topic	File
Setup flow	`setup.md`
Memory template	`memory-template.md`
Authentication and session handling	`auth-session.md`
Find My operations	`findmy-ops.md`
iCloud Drive operations	`drive-ops.md`
Photos operations	`photos-ops.md`
Safety boundaries and confirmations	`safety-boundaries.md`

Core Rules

1. Authenticate Locally, Never Through Chat

Never ask the user to paste Apple password, 2FA code, session token, or app password in conversation.
Use interactive local auth with terminal prompts or secure local input prompts only.

2. Start Read-Only, Then Escalate

Run read-only discovery first: account reachability, device list, folder listing, metadata checks.
Do not run write operations until read checks pass and scope is explicit.

3. Require Explicit Confirmation for Risky Actions

Treat lost mode, message push, file rename/delete, and bulk upload as risky.
Before running risky actions, summarize target, effect, and rollback option, then request explicit confirmation.

4. Use Deterministic Verification After Every Action

After each operation, verify expected state with a second read call.
Never report success from command exit code alone.

5. Keep Operations Narrow and Idempotent

Operate on one device ID or one file path per step when possible.
Prefer repeat-safe commands and avoid broad wildcard operations.

6. Handle 2FA and Session Expiry as Normal State

If Apple invalidates the session, pause destructive operations and re-auth first.
Continue only after session trust is restored and read checks succeed again.

7. Persist Only Minimal Operational Context

Store only what improves reliability (IDs, verified paths, successful patterns).
Never persist secrets or raw credential material in local memory files.

Common Traps

Asking for Apple credentials in chat -> immediate privacy and trust failure.
Running write operations before discovery -> wrong device/path targeted.
Using device names without IDs -> ambiguous actions on similarly named devices.
Assuming session validity across days -> sudden auth failures mid-workflow.
Executing bulk file changes without snapshot -> difficult rollback after mistakes.
Claiming action success without re-read verification -> silent failures reach users.

External Endpoints

Endpoint	Data Sent	Purpose
https://idmsa.apple.com	Apple account auth payload during login	Apple ID authentication
https://setup.icloud.com	Session and webservice negotiation	iCloud service bootstrap
https://www.icloud.com	Service API requests (Drive/Photos/Find My)	iCloud operations
https://idmsa.apple.com.cn	Apple account auth payload (China mainland accounts)	Regional Apple ID authentication
https://setup.icloud.com.cn	Session and webservice negotiation (China mainland accounts)	Regional iCloud bootstrap
https://pypi.org	Package metadata (install time only)	Install `pyicloud`
https://files.pythonhosted.org	Package download (install time only)	Install `pyicloud`

No other data is sent externally by this skill's documented workflow.

Security & Privacy

Data that leaves your machine:

Apple account authentication and iCloud API requests needed for requested operations.
Package install traffic only when installing dependencies.

Data that stays local:

Optional operational notes under ~/icloud/.
Local keyring entries managed by the pyicloud tool if the user chooses to store password.

This skill does NOT:

Bypass Apple security flows or 2FA requirements.
Request undeclared credentials in chat.
Execute undeclared network endpoints.
Modify its own SKILL file.

Trust

By using this skill, you trust Apple iCloud endpoints and the pyicloud package. Only install and run this workflow if you trust these services with your account operations.

Related Skills

Install with clawhub install \x3Cslug> if user confirms:

cloud-storage - Cross-provider storage workflows and transfer safety checks
ios - Apple device settings, permissions, and account behavior troubleshooting
macos - macOS security, keychain, and runtime diagnostics for Apple tooling
photos - Media management strategies when iCloud Photos is the main workload

Feedback

If useful: clawhub star icloud
Stay updated: clawhub sync

安全使用建议

This skill is coherent with its stated purpose, but before installing: 1) Verify you trust the pyicloud package (consider installing in a virtualenv and pinning the version, or review its source). 2) Inspect ~/icloud files after setup and avoid enabling persistence if you don't want any local state. 3) Never paste passwords/2FA into chat — follow the local prompt flow the skill requires. 4) Consider using session-only mode if you prefer no on-disk traces. 5) Be aware package updates (or installing from PyPI) are the main supply-chain risk — review or vendor-lock the dependency if concerned.

功能分析

Type: OpenClaw Skill Name: icloud Version: 1.0.0 This skill bundle is designed with strong security and privacy principles. It explicitly instructs the agent to never request credentials in chat, use local prompts for authentication, require explicit user confirmation for risky actions (e.g., file deletion, Find My actions), and never persist secrets. All external network calls are to legitimate Apple iCloud endpoints or PyPI for dependency installation. File system operations are limited to creating a dedicated `~/icloud/` directory for operational notes, with appropriate permissions, and explicitly state that secrets should not be stored there. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts designed to subvert the agent's intended secure operation.

能力评估

✓ Purpose & Capability

Name/description (iCloud Drive, Photos, Find My) match everything the skill requests: python3 and the pyicloud client. No unrelated credentials, binaries, or endpoints are required—Apple domains are the expected targets.

✓ Instruction Scope

SKILL.md and subsidiary files confine activity to local interactive auth flows, read-first discovery, and explicit confirmation gates for risky actions. The runtime snippets prompt for Apple ID/password via local getpass/input (explicitly prohibiting credential posting in chat) and read/write only to ~/icloud for operational context. No hidden external endpoints or commands are introduced in the instructions.

ℹ Install Mechanism

The workflow installs pyicloud==2.4.1 from PyPI (python -m pip install --user pyicloud==2.4.1) per the skill metadata. Installing a third‑party PyPI package is expected for this capability but carries the usual supply‑chain risk; there is no opaque download URL or archive-extract behavior.

✓ Credentials

No environment variables or unrelated service credentials are requested. Authentication is interactive (user types Apple ID/password locally) rather than via injected secrets, which is proportionate to the skill's purpose. The skill documents keyring use as optional and explicitly forbids persisting secrets in the memory files.

ℹ Persistence & Privilege

The skill writes a small workspace under ~/icloud (memory.md, logs, maps, safety-events) with restrictive permissions in the setup steps. This is reasonable for local state, but users should review those files and confirm no secrets are stored. The skill does not request always:true or system-wide privileges.

版本历史

v1.0.0

Initial release with secure iCloud account integration, read-first workflows, and confirmation gates for risky actions.

元数据

Slug icloud

版本 1.0.0

许可证 —

累计安装 1

当前安装数 1

历史版本数 1

常见问题

iCloud 是什么？

Let agents operate your iCloud Drive, Photos, and Find My safely with local 2FA authentication and explicit confirmation gates. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 498 次。

如何安装 iCloud？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install icloud」即可一键安装，无需额外配置。

iCloud 是免费的吗？

是的，iCloud 完全免费（开源免费），可自由下载、安装和使用。

iCloud 支持哪些平台？

iCloud 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（linux, darwin, win32）。

谁开发了 iCloud？

由 Iván（@ivangdavila）开发并维护，当前版本 v1.0.0。