apple-events
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it retrieves and processes content from local macOS databases (Reminders and Calendar).
- Ingestion points: Untrusted data enters the agent context through the execution of
event reminders listandevent calendar list(SKILL.md). - Boundary markers: Absent. The skill instructions do not define delimiters or provide warnings to the agent about treating retrieved content as untrusted data.
- Capability inventory: The skill has the capability to execute shell commands to modify, create, and delete reminders and lists using the
eventCLI (SKILL.md). - Sanitization: Absent. There is no mechanism described for sanitizing or validating the data fetched from external sources before it is processed by the agent.
- [EXTERNAL_DOWNLOADS]: The skill references an external dependency for extended functionality.
- Evidence: A link to an Apple iCloud shortcut (
https://www.icloud.com/shortcuts/b578334075754da9ba6e50b501515808) is included inSKILL.mdto support advanced reminder fields.
Audit Metadata