things-mac
Audited by Socket on Mar 9, 2026
1 alert found:
Obfuscated File
The Things 3 CLI skill appears largely coherent with its stated purpose: it reads the local Things database and performs write operations via the Things URL scheme. The permission model (potential Full Disk Access) and the optional THINGS_AUTH_TOKEN introduce surface areas for credential exposure, but these are proportionate to the local, device-bound task of managing Things data. There is no evident network exfiltration or external API usage; data flows stay local to the user’s machine and the Things app. The primary concerns are credential handling and macOS permission prompts, which should be clearly documented and minimized. Overall, the skill is BENIGN with medium securityRisk due to credential handling and elevated permissions, and low malware risk. Recommend careful handling of tokens, logs, and access permissions, and consider reducing required permissions where possible.