vincentyao

macos-security-scan

Author vincentyao · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
213 total downloads · 0 favourites · 0 current installs · 1 version
Install in OpenClaw: /install macos-security-scan
Description
Scans a macOS computer for signs of tampering, malware, keyloggers, and suspicious activity — especially useful after a device has been sent for repair or ha...
Usage instructions (SKILL.md)

macOS Security Scan Skill

This skill runs a comprehensive, read-only security scan of a macOS machine and produces a detailed report. It is safe to run — it only reads system state and never modifies anything.


Workflow

Step 1 — Explain to the user what will happen

Tell the user:

  • The scan is read-only and safe. Nothing will be changed or deleted.
  • Some checks (marked with ⚠️) produce richer results when run with sudo, but all checks work without it.
  • The scan takes about 30–60 seconds.
  • A report file will be saved when done.

Ask: "Ready to run the scan? And do you want to run it with sudo for deeper results, or without sudo to keep it simple?"

Step 2 — Run the scan script

Once the user confirms, run:

python3 scripts/scan.py [--sudo] --out ~/Desktop/security_report.md

Pass --sudo only if the user agreed to it. The script handles all checks and writes the report file.

Step 3 — Summarise findings in chat

After the script finishes, read the report and give the user a plain-English verdict in chat:

  • Looks clean — No significant threats found. Briefly note what was checked.
  • ⚠️ Needs attention — List the specific findings that look suspicious, explain what each one means in plain language, and recommend next steps.
  • 🚨 Serious concern — If any high-confidence indicators are found (active keylogger, known malware process, suspicious kernel extension), say so clearly and recommend they contact Apple Support or a security professional before using the device for sensitive tasks.

Always remind the user: this scan is a good first check, but it is not a replacement for dedicated antivirus software.

Step 4 — Point the user to the report file

Tell them the report has been saved to ~/Desktop/security_report.md and they can open it in any text editor or share it with a professional.


What the Scan Checks

| Category | What is checked |
| --- | --- |
| Keyloggers & input monitors | Processes with Accessibility / Input Monitoring permissions; IOHIDFamily kernel extensions |
| Suspicious background processes | Running processes cross-referenced against a known-bad list; processes with no bundle ID hiding in temp folders |
| Launch agents & daemons | Startup items in all LaunchAgent / LaunchDaemon directories, flagging unknown or recently added items |
| Network connections | Active connections, listening ports, and processes making outbound connections to non-Apple IPs |
| Recently installed software | Apps and packages installed in the last 14 days |
| Login items | Items set to launch at login via System Settings |
| Kernel extensions (kexts) | Third-party kexts loaded into the kernel |
| Browser extensions | Installed extensions for Safari, Chrome, and Firefox |
| Privacy permissions | Apps with Camera, Microphone, Screen Recording, Accessibility, Full Disk Access |
| System Integrity Protection | Whether SIP is enabled (disabled SIP is a red flag) |
| Gatekeeper | Whether Gatekeeper is enforcing app signing |
| FileVault | Whether disk encryption is active |

Interpreting Results

Guide the user using these thresholds:

Green (normal)

  • SIP enabled, Gatekeeper on, FileVault on
  • No unknown kexts
  • No processes in /tmp, /var/folders, or home-directory hidden folders
  • Launch agents all belong to known software the user recognises
  • No unusual Accessibility or Screen Recording permissions

Yellow (worth investigating)

  • Apps with Screen Recording or Accessibility access the user doesn't recognise
  • Launch agents with random-looking names or paths in unusual locations
  • Software installed in the days around the repair that the user didn't install
  • Open ports the user doesn't expect

Red (act now)

  • SIP disabled
  • Unknown kernel extensions
  • Processes actively keylogging (IOHIDFamily hooks from unknown processes)
  • Known malware process names (see scripts/scan.py bad-list)
  • Outbound connections from hidden processes to non-standard IPs
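As an added illustration of the three system-setting rows in the checks table (SIP, Gatekeeper, FileVault) and the Green/Red thresholds above, the following Python was written for this page and is not the skill's own scripts/scan.py. It shows how a read-only check can classify csrutil, spctl and fdesetup output and keep running when one of those tools is missing; the output markers reflect the tools' usual status lines, and the yellow roll-up for unverifiable checks is this example's own choice.

```python
import shutil
import subprocess

# name -> (status command, marker for a green result, marker for a red result);
# markers are matched case-insensitively against the tool's usual status line.
CHECKS = {
    "sip": (["csrutil", "status"],
            "protection status: enabled", "protection status: disabled"),
    "gatekeeper": (["spctl", "--status"],
                   "assessments enabled", "assessments disabled"),
    "filevault": (["fdesetup", "status"],
                  "filevault is on", "filevault is off"),
}

def run_tool(cmd, timeout=10):
    """Run a status command; return its output, or None when the binary is
    missing or fails, so one absent tool never aborts the whole scan."""
    if shutil.which(cmd[0]) is None:
        return None
    try:
        res = subprocess.run(cmd, capture_output=True, text=True, timeout=timeout)
    except (OSError, subprocess.TimeoutExpired):
        return None
    return res.stdout + res.stderr

def classify(name, output):
    """Map raw output to the report's colour scale; anything unverifiable
    is 'unknown' rather than being silently treated as green."""
    if output is None:
        return "unknown"
    text = output.lower()
    _, green, red = CHECKS[name]
    return "green" if green in text else "red" if red in text else "unknown"

def check_security_settings(runner=run_tool):
    """Return {check: verdict}. `runner` is injectable so the logic can be
    exercised off-Mac with constructed outputs instead of the real tools."""
    return {name: classify(name, runner(cmd)) for name, (cmd, _, _) in CHECKS.items()}

def overall(verdicts):
    """Roll up: any red is red, anything unverifiable is yellow (worth
    investigating), else green. The yellow rule is this example's own choice."""
    if "red" in verdicts.values():
        return "red"
    return "yellow" if "unknown" in verdicts.values() else "green"

if __name__ == "__main__":
    results = check_security_settings()
    print(results, "overall:", overall(results))
```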

Notes for the Agent

  • Never make the user feel panicked unnecessarily. Many yellow flags are legitimate (e.g. Logi Options has Accessibility access, Zoom has Screen Recording). Always say "check whether you recognise this" before calling something suspicious.
  • If the user asks what a specific process or item is, look it up or explain it — don't just say "unknown".
  • If the user wants to remove something, do NOT do so automatically. Guide them to System Settings or explain the manual removal steps. The scan is read-only; remediation is a separate, deliberate action.
Safe Usage Advice
This skill appears to be doing what it says — a read-only macOS security scan — but take these precautions before installing or running it:

  • Inspect the included script (scripts/scan.py) yourself or have someone you trust review it. The skill ships code that will be executed locally; make sure you are comfortable with it.
  • The script reads sensitive system data (TCC.db for privacy permissions, launch plists, process lists, network connections). That is expected for a scan, but understand the privacy implications of generating a report that may contain process names, installed items, and app permission lists.
  • Run the scan without sudo first to limit the scope of reads. Only use --sudo if you explicitly agree and understand that it will attempt to access system-wide databases.
  • Confirm the agent will not run this skill automatically in contexts you don't expect. The SKILL.md's 'always use' guidance is a behavioral instruction to the agent — ensure the agent only runs the scan when you explicitly want it.
  • Because the registry metadata does not list the system utilities the script calls, ensure the execution environment has standard macOS tools (csrutil, spctl, fdesetup, sqlite3, lsof, osascript) and be aware of how the script will behave if some of those tools are missing.

If you want higher assurance, run the script locally from a terminal (reviewing it first) rather than letting an automated agent run it autonomously, and avoid sharing the generated report unless you trust the recipient.
Functional Analysis
Type: OpenClaw Skill
Name: macos-security-scan
Version: 1.0.0

The 'macos-security-scan' skill is a legitimate diagnostic tool designed to audit macOS security settings and identify potential indicators of compromise. The Python script (scripts/scan.py) performs read-only checks using standard system utilities like 'csrutil', 'spctl', and 'lsof', and cross-references running processes against a list of known malware signatures. It follows a transparent workflow that requires user consent for privileged execution and saves its findings to a local Markdown report on the user's desktop without any evidence of data exfiltration or malicious intent.
Capability Assessment
Purpose & Capability
The name/description match the included script: the script enumerates processes, launch items, TCC privacy entries, kernel extensions, network connections, and system security settings — all coherent with a macOS security scan. However, the skill metadata claims no required binaries while the script calls many macOS tools (csrutil, spctl, fdesetup, sqlite3, lsof, osascript, ps, etc.). Not declaring these dependencies in the registry is an inconsistency to be aware of.
Instruction Scope
The SKILL.md instructs the agent to run the bundled script (optionally with sudo) and to 'always use this skill' for post-repair checks. The script performs many sensitive, read-only operations (reading TCC.db, scanning launch agents/daemons, listing processes and network connections). Those reads are expected for a scan, but they are privacy-sensitive. The 'always use' directive is scope creep because it encourages the agent to run this scan proactively even when the user hasn't explicitly requested it.
Install Mechanism
There is no install spec and this is effectively an instruction + included script. That minimizes supply-chain risk (no external downloads). The skill does include a local Python script which will be copied with the skill — review it before running.
Credentials
No environment variables or external credentials are requested, which is proportionate. The only elevated access requested is optional sudo for deeper reads. Be aware the script reads sensitive local artifacts (TCC.db, /Library, LaunchAgents, process lists) — this is expected but sensitive; the skill does not declare the full set of system binaries it will call.
Persistence & Privilege
always:false (good) but model invocation is allowed (normal). Combined with the SKILL.md instruction to 'always use' the skill for post-repair checks, there's a risk the agent will run the scan without a clear, explicit user prompt. The skill does not modify system state, but it can create a report file on the user's Desktop and will read many privacy-sensitive artifacts.
How to Use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Type the install command in the chat box: /install macos-security-scan
  3. After installation, call the Skill by name directly or trigger it with /macos-security-scan
  4. Provide the required input according to the Skill's parameter description to get structured output
Version History
v1.0.0
Sometimes, our computers inevitably leave us, for example, when they are sent for repair. Before using them again after repair, how do we ensure their security? This is a question that even people in the IT industry may not know the answer to, let alone ordinary people. Therefore, this skill aims to help everyone perform some routine checks and generate reports to avoid common problems such as viruses or keyloggers.
Metadata
Slug macos-security-scan
Version 1.0.0
License MIT-0
Total installs 0
Current installs 0
Number of versions 1
FAQ

What is macos-security-scan?

Scans a macOS computer for signs of tampering, malware, keyloggers, and suspicious activity — especially useful after a device has been sent for repair or ha... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 213 downloads to date.

How do I install macos-security-scan?

Run the command "/install macos-security-scan" in the OpenClaw or Claude Code chat box to install it in one step; no extra configuration is needed.

Is macos-security-scan free?

Yes, macos-security-scan is completely free under the MIT-0 license and can be freely downloaded, installed and used.

Which platforms does macos-security-scan support?

macos-security-scan runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.

Who developed macos-security-scan?

Developed and maintained by vincentyao (@vincentyao); the current version is v1.0.0.
