中文 EN

Scan Report

Scan New Files

Trusted — Risk Score 5/100
Last scan:18 hr ago Rescan
5 /100
macos-security-scan
Read-only macOS security scan for malware, keyloggers, suspicious processes, network connections, startup items, and privacy permissions
A legitimate, read-only macOS security scanner with clean code, no obfuscation, no credential access, no network exfiltration, and all capabilities properly used for the stated purpose.
Skill Namemacos-security-scan
Duration68.8s
Enginepi
Safe to install
This skill is safe to use. No security concerns identified.

Findings 2 items

Severity Finding Location
Low
Minor imprecision: 'read-only' claim vs. file write Doc Mismatch
SKILL.md states 'It is safe to run — it only reads system state and never modifies anything' but the script writes a report file to disk. The file write is declared via the --out argument in SKILL.md documentation, and the write does not modify system state (only creates a new report). This is a minor doc imprecision rather than deceptive behavior.
This skill runs a comprehensive, read-only security scan of a macOS machine and produces a detailed report. It is safe to run — it only reads system state and never modifies anything.
→ Update SKILL.md to clarify: 'read-only system scan that writes its output to a report file.'
 SKILL.md:12
Low
Sudo flag ('-n' non-interactive) not explicitly called out in SKILL.md permissions Priv Escalation
The script uses 'sudo -n' (non-interactive sudo) when --sudo is passed. While SKILL.md mentions 'some checks need sudo for full results' in the permissions field, the non-interactive nature of '-n' isn't called out.
cmd = ["sudo", "-n"] + cmd
→ Consider adding a note in SKILL.md that --sudo uses non-interactive sudo which requires prior sudo privileges without password prompt.
 scripts/scan.py:72
ResourceDeclaredInferredStatusEvidence
Shell WRITE WRITE ✓ Aligned scripts/scan.py:74 — subprocess.run() used only for read-only system commands (p…
Filesystem READ WRITE ✓ Aligned scripts/scan.py:465-467 — writes report to --out path (default ~/Desktop/securit…
Network NONE NONE No network requests made. socket.gethostname() is local-only system info.
Environment NONE NONE No os.environ access or credential reading. No sensitive path access.
Clipboard NONE NONE No clipboard access.
Browser NONE READ ✓ Aligned scripts/scan.py:357-378 — reads Chrome, Firefox, Safari extension directories. D…
Database NONE READ ✓ Aligned scripts/scan.py:302-315 — sqlite3 reads TCC.db (privacy database). Declared in S…

File Tree

2 files · 23.4 KB · 610 lines
Python 1f · 479L Markdown 1f · 131L
├─ 📁 scripts
│ └─ 🐍 scan.py Python 479L · 17.9 KB
└─ 📝 SKILL.md Markdown 131L · 5.4 KB

Dependencies 1 items

PackageVersionSourceKnown VulnsNotes
None (stdlib only) N/A built-in No No external dependencies. Uses only Python 3 standard library (argparse, datetime, json, os, platform, plistlib, re, socket, subprocess, sys, pathlib).

Security Positives

✓ No obfuscation: no base64, eval(), atob(), or other code obfuscation techniques
✓ No credential theft: no access to ~/.ssh, ~/.aws, .env, or iteration over os.environ
✓ No data exfiltration: no outbound network requests, no POSTs, no external IP connections
✓ No reverse shell or C2: no socket-based remote execution, no suspicious network listeners
✓ No malicious supply chain: no external dependencies (0 pinned packages), only Python stdlib used
✓ No hidden functionality: all check categories are documented in SKILL.md
✓ Command injection safe: all subprocess commands are hardcoded as static lists, no string interpolation
✓ No persistence mechanisms: no cron, no startup hooks, no backdoor installation
✓ Timeout protection: all subprocess calls have a 15-second timeout
✓ OS platform guard: script explicitly exits with error on non-Darwin platforms
✓ Conservative malware patterns: known-bad list is short and well-documented
✓ SKILL.md accurately maps all check categories to the skill's behavior
✓ No suspicious file/directory access patterns