mac-cleaner-cli-disk-cleanup

Fail

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: HIGH
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the agent to download the mac-cleaner-cli package from the npm registry.
  • [REMOTE_CODE_EXECUTION]: The usage of npx mac-cleaner-cli facilitates the immediate execution of remote code fetched from the npm registry without prior local verification.
  • [COMMAND_EXECUTION]: The instructions explicitly recommend using sudo in conjunction with npx for certain maintenance tasks such as DNS flushing. This practice is dangerous as it allows unverified remote code to execute with root privileges on the host system.
  • [COMMAND_EXECUTION]: The skill performs extensive file system operations, including the deletion of files in system and user cache directories, logs, and application support folders, which could lead to accidental data loss or system instability if misconfigured.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: May 17, 2026, 09:24 PM