extract-email-actions-to-reminders

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
Flags: COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell scripts and AppleScript (osascript) to interact with the system and the Reminders app.
  • [DATA_EXFILTRATION]: The skill accesses highly sensitive local data by scanning the user's Mail library (.emlx files under ~/Library/Mail or a similar location). No external network exfiltration was detected in the provided code, but access to private communications is a significant privacy risk.
  • [INDIRECT_PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted data from email bodies.
    • Ingestion points: Reads .emlx files from the local Mail library (SKILL.md, Procedure step 1).
    • Boundary markers: None identified; the skill parses subject and body content directly (SKILL.md, Procedure step 2).
    • Capability inventory: Executes shell commands (find, head), Python scripts, and AppleScript (osascript), and writes markdown files to the Desktop (SKILL.md, Reference Commands and Procedure step 7).
    • Sanitization: No evidence of sanitization or escaping of email content before processing or inclusion in reminder notes.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 1, 2026, 07:31 AM