Trust Assessment
mole-mac-cleanup received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 1 critical, 1 high, 1 medium, and 0 low severity. Key findings include Skill exposes command to modify sudo authentication, Skill exposes powerful commands for system-wide data deletion and modification, Skill exposes command for self-uninstallation.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 48/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Skill exposes command to modify sudo authentication The skill exposes the `mo touchid` command, which configures Touch ID for `sudo`. Executing this command allows an AI agent to alter fundamental system security settings related to authentication without explicit, informed user consent. This could significantly weaken or change the user's security posture, potentially granting easier unauthorized access to privileged operations. Remove or restrict access to the `mo touchid` command for AI agents. If necessary, require explicit user confirmation and detailed explanation of the security implications before allowing its execution. | LLM | SKILL.md:100 | |
| HIGH | Skill exposes powerful commands for system-wide data deletion and modification The skill provides direct execution commands such as `mo clean`, `mo optimize`, and `mo purge`. These commands perform significant system modifications, including deleting caches, logs, browser data, project artifacts, rebuilding system databases, resetting services, and refreshing Finder/Dock. While `--dry-run` options are available, the skill also lists the direct execution commands, which an AI agent could invoke without prior dry-run or explicit user confirmation, potentially leading to unintended data loss, system instability, or unexpected behavior. Implement strict safeguards requiring explicit user confirmation for all destructive or system-modifying commands. Prioritize the use of `--dry-run` and ensure agents are instructed to present dry-run results to the user before requesting permission for actual execution. Consider making direct execution commands inaccessible to agents without specific overrides. | LLM | SKILL.md:50 | |
| MEDIUM | Skill exposes command for self-uninstallation The skill includes the `mo remove` command, which uninstalls the Mole tool from the system. An AI agent could inadvertently or maliciously execute this command, leading to the removal of the skill's underlying tool, disrupting its functionality and potentially requiring manual reinstallation. Restrict AI agent access to the `mo remove` command, or require explicit user confirmation before allowing its execution. | LLM | SKILL.md:104 |
Scan History
Embed Code
[](https://skillshield.io/report/afbf91ae1c375a0a)
Powered by SkillShield