📦 Docker Osx — Docker macOS

v1.0.0

在 Linux 上用 KVM 于 Docker 中运行 macOS。适用场景：用户需构建 iOS 应用/IPA、需要 macOS 环境、无 Mac 却要编译 Apple 应用，或想……

0· 457·0 当前·0 累计

by @nightvibes3 (NightVibes3)

网络工具系统工具文档工具存储部署容器与虚拟化

下载技能包

最后更新

2026/4/19

安全扫描

VirusTotal

可疑

查看报告

OpenClaw

安全

high confidence

The skill is internally coherent with its stated purpose (running macOS in Docker using KVM) — it only requires Docker/KVM — but pulling and running the external Docker image and using default credentials are explicit trust/operational risks you should consider before using it.

评估建议

This skill does what it says: it automates running sickcodes/docker-osx in Docker and requires KVM and Docker. Before installing/using it: (1) Understand you will pull and run a third-party container image (inspect the image on Docker Hub, verify the maintainer and recent activity). (2) Do not run it on sensitive or production hosts — the container is granted /dev/kvm access and mapped host ports. Use an isolated VM or disposable host if possible. (3) Change default credentials (SSH/VNC password...

详细分析 ▾

✓ 用途与能力

The name/description (run macOS in Docker with KVM to build iOS apps) matches the declared requirements and code: it requires docker and KVM, and the script runs docker commands using the sickcodes/docker-osx image. Nothing requested is unrelated to running a macOS VM in Docker.

ℹ 指令范围

SKILL.md and the script stick to VM lifecycle and connection tasks (start/stop/status/logs/ssh/vnc). They do not read unrelated host files or request extra credentials. However SKILL.md suggests installing Docker via `curl -sSL get.docker.com | sh` (network-fetch-and-execute) and documents insecure default credentials (SSH password 'alpine') and exposed host ports (50922, 5900), which are operational/security concerns.

ℹ 安装机制

There is no install spec (instruction-only), which is low-risk for local files. At runtime the script invokes `docker run` which will pull the image sickcodes/docker-osx:stable from Docker Hub if not present — running an external, third-party container image effectively downloads and executes remote code. This is expected for this use case but is a trust boundary you must evaluate (verify image publisher, check image contents, run in isolated environment).

✓ 凭证需求

The skill requests no environment variables or credentials, which is appropriate. Note: it relies on Docker daemon access (implicit requirement) and uses a documented default password ('alpine') for SSH/VNC — an insecure default that users should change.

ℹ 持久化与权限

always:false and no special persistent privileges are requested. Runtime behavior requires access to the host's Docker daemon and maps /dev/kvm into the container (needed for virtualization). Mapping /dev/kvm and exposing ports is required for functionality but increases the container's ability to interact with host resources — run only on hosts where this is acceptable.

安全有层次，运行前请审查代码。

运行时依赖

无特殊依赖

版本

latestv1.0.02026/2/25

Initial release of docker_osx (v1.0.0): - Enables running macOS in Docker on Linux using KVM. - Provides commands to start, stop, check, and connect (SSH/VNC) to the macOS VM. - Includes a quick-start guide and sample workflow for building iOS apps. - Lists hardware/software requirements and common troubleshooting tips. - Not suitable for servers without KVM support or low-resource systems.

● 可疑

安装命令

点击复制

官方npx clawhub@latest install docker-osx

镜像加速npx clawhub@latest install docker-osx --registry https://cn.longxiaskill.com

数据来源：ClawHub ↗ · 中文优化：龙虾技能库