profile-use
Audited by Socket on Jun 30, 2026
3 alerts found:
Anomalyx3SUSPICIOUS. The skill's capabilities mostly match its stated autofill/KYC purpose, but it handles unusually sensitive personal and credential data, persists it locally, and can install/use a third-party vault CLI through an unseen helper script. Data flow is mostly coherent and direct, not overtly exfiltrative, so this is not confirmed malware; the main concern is high-impact credential/PII handling plus moderate install-trust risk.
This Swift file is a thin bridge that dynamically executes a bundled Python script via Process (python3 + profile_use.py) to query vault status and perform credential lookup/login. It decodes untrusted JSON from the external process and, when configured, can return highly sensitive credential fields (password/totp/uris) to callers. No explicit malware behavior (e.g., networking, persistence, obfuscation, or direct exfiltration) is shown in this fragment, but the supply-chain/trust-boundary risk is meaningful because the module delegates security-critical credential operations to executable bundled code and passes an unvalidated domain argument into external command arguments.
No direct malicious behavior (exfiltration, credential theft, command-and-control, or backdoor logic) is evident in this shell installer wrapper itself. However, it has significant supply-chain risk: it fetches a moving 'releases/latest' DMG without integrity/signature verification and installs it into /Applications using sudo, then removes extended attributes that can include quarantine metadata. The safety of this script depends entirely on the trustworthiness of the remote GitHub release artifact.