apple-events
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses a command-line interface tool named
eventto interact with macOS Reminders and Calendar databases. This tool is used for listing, creating, updating, and deleting system records.- [EXTERNAL_DOWNLOADS]: The documentation directs users to install an external iCloud Shortcut from a specific Apple-hosted URL to enable advanced features. While the domain is well-known, the specific logic within the shortcut is external to the skill.- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection. - Ingestion points: Data is imported into the agent's context from the output of
event reminders listandevent calendar list, which includes user-generated titles and notes. - Boundary markers: The skill does not define specific delimiters or instructions to treat the retrieved reminder/calendar content as untrusted data.
- Capability inventory: The agent has the ability to perform destructive actions, such as
event reminders deleteandevent reminders lists delete. - Sanitization: There is no evidence of sanitization or filtering applied to the data fetched from the local databases before it is processed by the agent.
Audit Metadata