Low risk: risk score 15/100
Last scan: 18 hours ago
ios-dev-cleanup
Scans iOS development disk usage (simulators, runtimes, DerivedData, CocoaPods cache, archives) and offers safe deletion commands with size analysis
This is a legitimate iOS development disk cleanup skill with no malicious behavior; the pre-scan's two critical IOC flags (rm -rf ~, rm -rf /) are false positives — both appear in prohibition/warning tables instructing the agent NOT to run those commands. All deletion targets are safe Xcode developer directories and user confirmation is required.
Skill name: ios-dev-cleanup
Analysis time: 67.0s
Engine: pi
Verdict: can be installed
Approve for use. Consider adding explicit filesystem:WRITE and shell:WRITE declarations to SKILL.md metadata to fully align declared vs inferred capabilities.

Security findings: 2

Severity | Security finding | Location

Low
Missing permission declarations for deletion operations (category: documentation deception)
SKILL.md executes filesystem deletions via Bash (rm -rf, xcrun simctl, pod cache clean) but only declares requires_binaries. The deletion workflow is documented in README.md security section but not formally declared in SKILL.md frontmatter. This is a minor documentation gap — the behavior is transparent to users, not hidden.
Evidence: requires_binaries: xcrun, du, stat (no filesystem:WRITE or shell:WRITE declared)
→ Add a 'permissions' or 'capabilities' section to SKILL.md frontmatter declaring filesystem:WRITE and shell:WRITE for the deletion workflow.
Location: SKILL.md:1

Info
Pre-scan false positive: dangerous commands are prohibited entries (category: documentation deception)
The pre-scan flagged 'rm -rf ~' (line 65) and 'rm -rf /' (line 241) as critical IOCs. Both are entries in a prohibition table (禁止操作 / Forbidden Operations) instructing the agent NOT to execute those commands. The skill explicitly mandates safe deletion methods. These flags should be disregarded.
Evidence: **Forbidden:** running `rm -rf ~/Library/Developer/CoreSimulator/Devices/<UUID>/` directly; `simctl delete` must be used instead
→ No action needed. The safety table is a positive security control.
Location: SKILL.md:65
Resource type | Declared permission | Inferred permission | Status | Evidence
Filesystem | READ | WRITE | ✓ consistent | SKILL.md: executes rm -rf commands via Bash for DerivedData, DeviceSupport, Arch…
Command execution | NONE | WRITE | ✓ consistent | SKILL.md: all deletion categories use Bash shell execution (rm -rf, xcrun simctl…
Network access | NONE | NONE | | No network operations detected
Environment variables | NONE | NONE | | No environment variable access
Skill invocation | NONE | NONE | | No cross-skill invocation
Clipboard | NONE | NONE | | No clipboard access
Browser | NONE | NONE | | No browser usage
Database | NONE | NONE | | No database access
Pre-scan indicators: 2 critical, 3 findings

💀 Critical | Dangerous command | Dangerous shell command
rm -rf ~
SKILL.md:65

💀 Critical | Dangerous command | Dangerous shell command
rm -rf /
SKILL.md:241

📧 Info | Email | Email address
[email protected]
SKILL.md:6

Directory structure

2 files · 10.6 KB · 340 lines
Markdown: 2 files · 340 lines
├─ 📝 README.md Markdown 89L · 2.6 KB
└─ 📝 SKILL.md Markdown 251L · 8.0 KB

Security highlights

✓ Comprehensive safety table explicitly forbids dangerous rm -rf commands on simulator/device directories, mandating xcrun simctl instead
✓ User confirmation is required before all deletions (except unavailable simulators, which are already non-functional)
✓ README.md contains an explicit security section documenting no network access and no data exfiltration
✓ All deletion targets are well-defined Xcode developer cache directories — no system-wide or home directory deletions
✓ No obfuscation, no base64, no encoded instructions, no suspicious external dependencies
✓ Skill is open source with a public GitHub repository (jesseluo/ios-dev-cleanup)