wifi-debug

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local macOS system utilities including wdutil, networksetup, and log show to gather WiFi telemetry. It specifically includes safety instructions to avoid using sudo or elevated privileges, relying on non-elevated outputs.
  • [DATA_EXFILTRATION]: The skill collects BSSIDs (Base Service Set Identifiers) and system logs from the WiFi subsystem. While BSSIDs can be used for geolocation, the skill acknowledges system-level redaction and stores data locally in the user's home directory (~/.mac-guardian/data/) without initiating any network transmissions.
  • [PROMPT_INJECTION]: The skill processes untrusted system log data via log show. It implements boundary controls by limiting the output to the last 60 lines (approximately 4 KB) and encapsulating the data within a structured JSON field (raw.log_tail) rather than interpreting it as instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 01:41 AM
Security Audit — agent-trust-hub — wifi-debug