Low Risk — Risk Score 27/100
Apple iCloud Suite
Full-suite Apple iCloud service operations: Calendar, Photos, iCloud Drive, Find My devices, Reminders
Legitimate iCloud management suite with minor documentation inconsistencies and credential handling concerns, but no confirmed malicious behavior. The status_wall daemon adds persistence risk that should be documented.
Skill Name: Apple iCloud Suite
Duration: 70.8s
Engine: pi
Safe to install
Document the subprocess daemon behavior in SKILL.md. Standardize password usage guidance across scripts (main password vs app-specific password confusion). Consider pinning dependency versions.

Findings 4 items

Severity Finding Location
Medium: Inconsistent credential type documentation (Doc Mismatch)
Several scripts (icloud-photos.py, icloud-notes.py, icloud-reminders.py) document '应用专用密码' (app-specific password) in their help text, but pyicloud requires the main Apple ID password + 2FA. Only icloud_calendar.py correctly documents the app-specific password for CalDAV. status_wall.py is the only script that clearly distinguishes both credential types.
Evidence: ICLOUD_PASSWORD - 应用专用密码
Recommendation: Standardize credential documentation: main password for pyicloud (photos/drive/devices), app-specific password for CalDAV (calendar)
Location: scripts/icloud-photos.py, scripts/icloud-notes.py, scripts/icloud-reminders.py:8
Medium: Background daemon with undeclared persistence (Priv Escalation)
status_wall.py spawns a daemon process via subprocess.Popen that persists in the background, writing to ~/.status_wall.log and updating a shared family calendar at configurable intervals (default 15 min, commute mode 1 min). This persistence behavior is not declared in SKILL.md.
Evidence: proc = subprocess.Popen([sys.executable, __file__, '_daemon'], stdout=log_file, stderr=log_file, start_new_session=True)
Recommendation: Declare the daemon capability in SKILL.md with explicit allowed-tools for shell:WRITE and document the shared calendar write behavior
Location: scripts/status_wall.py:152
Low: Dependency versions not pinned (Supply Chain)
SKILL.md install section uses 'pip install pyicloud' and 'pip install caldav icalendar' without version pins. This allows supply chain substitution attacks.
Evidence: pip install pyicloud
Recommendation: Pin versions: pip install pyicloud==X.Y.Z caldav==X.Y.Z icalendar==X.Y.Z
Location: SKILL.md:25
Low: No allowed-tools declaration in SKILL.md (Doc Mismatch)
SKILL.md declares tools (pyicloud, caldav, icloudpd) but provides no allowed-tools mapping for shell, filesystem, network, or environment resources. SKILL.md section header claims 'tools: pyicloud, caldav, icloudpd' but this doesn't map to the pi agent's capability model.
Evidence: tools: pyicloud, caldav, icloudpd
Recommendation: Add explicit allowed-tools declaration mapping to pi's capability model
Location: SKILL.md:17
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | NONE | WRITE | ✓ Aligned | scripts/status_wall.py writes to ~/.status_wall.json, ~/.status_wall.pid, ~/.sta… |
| Network | NONE | READ | ✓ Aligned | Scripts make outbound API calls to iCloud (caldav.icloud.com, pyicloud) and Amap… |
| Environment | NONE | READ | ✓ Aligned | All scripts read ICLOUD_USERNAME, ICLOUD_PASSWORD, ICLOUD_APP_PASSWORD, ICLOUD_C… |
| Shell | NONE | WRITE | ✓ Aligned | status_wall.py:152 — subprocess.Popen spawns daemon; icloud_calendar.py:update_c… |
1 High, 10 findings
High, API Key (suspected hard-coded credential): PASSWORD="xxxx-xxxx-xxxx-xxxx" (QUICKSTART.md:80)
Medium, External URL: https://appleid.apple.com (README.md:97)
Medium, External URL: https://lbs.amap.com/ (README.md:98)
Medium, External URL: https://vdirsyncer.pimutils.org/ (SKILL.md:125)
Medium, External URL: https://khal.readthedocs.io/ (SKILL.md:126)
Medium, External URL: https://todoman.readthedocs.io/ (SKILL.md:127)
Medium, External URL: https://caldav.icloud.com/ (evals/results/calendar-with-skill.md:5)
Medium, External URL: https://restapi.amap.com/v3/geocode/regeo? (scripts/status_wall.py:335)
Info, Email address: [email protected] (QUICKSTART.md:24)
Info, Email address: [email protected] (scripts/icloud-notes.py:142)

File Tree

18 files · 95.7 KB · 3153 lines
Python 7f · 2128L Markdown 10f · 1019L JSON 1f · 6L
├─ 📁 config-templates
│ └─ 🐍 todoman-config.py Python 21L · 501 B
├─ 📁 evals
│ └─ 📁 results
│ ├─ 📝 calendar-with-skill.md Markdown 28L · 1.4 KB
│ └─ 📝 calendar-without-skill.md Markdown 19L · 888 B
├─ 📁 references
│ ├─ 📝 calendar.md Markdown 358L · 12.1 KB
│ ├─ 📝 drive.md Markdown 37L · 681 B
│ ├─ 📝 findmy.md Markdown 39L · 677 B
│ ├─ 📝 photos.md Markdown 69L · 1.3 KB
│ └─ 📝 scripts.md Markdown 128L · 3.2 KB
├─ 📁 scripts
│ ├─ 🐍 icloud_calendar.py Python 569L · 17.6 KB
│ ├─ 🐍 icloud_tool.py Python 203L · 5.6 KB
│ ├─ 🐍 icloud-notes.py Python 173L · 5.0 KB
│ ├─ 🐍 icloud-photos.py Python 276L · 8.2 KB
│ ├─ 🐍 icloud-reminders.py Python 202L · 5.7 KB
│ └─ 🐍 status_wall.py Python 684L · 23.5 KB
├─ 📋 _meta.json JSON 6L · 138 B
├─ 📝 QUICKSTART.md Markdown 105L · 2.1 KB
├─ 📝 README.md Markdown 109L · 2.9 KB
└─ 📝 SKILL.md Markdown 127L · 4.2 KB

Dependencies 4 items

| Package | Version | Source | Known Vulns | Notes |
|---|---|---|---|---|
| pyicloud | unpinned | pip | No | Open-source library, version not pinned |
| caldav | unpinned | pip | No | Open-source CalDAV library, version not pinned |
| icalendar | unpinned | pip | No | Open-source iCalendar library, version not pinned |
| icloudpd | unpinned | pip | No | Optional dependency for batch photo download, version not pinned |

Security Positives

✓ All credential inputs are read from environment variables or interactive prompts, not hardcoded in source
✓ pyicloud is a well-known, publicly documented open-source library (not a custom implant)
✓ No base64-encoded strings, obfuscation, or anti-analysis techniques detected
✓ No ~/.ssh, ~/.aws, .env, or other sensitive credential path access
✓ No curl|bash remote script execution or eval() calls
✓ 2FA validation is enforced before accessing sensitive iCloud data
✓ Credentials are only transmitted to legitimate Apple iCloud and Amap API endpoints (HTTPS)
✓ Status wall writes to user-specified shared calendar, not hidden storage