things-reminders-manager
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the system 'date' command to resolve local time for date normalization, which is a standard but noteworthy command execution pattern.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes natural language 'scheduling phrases' to perform task mutations (create/update) in the Things application.
- Ingestion points: 'scheduling phrase' and 'reminder intent' inputs defined in SKILL.md.
- Boundary markers: Absent; natural language inputs are not delimited from instructions.
- Capability inventory: Includes 'things_add_todo' and 'things_update_todo' for modifying external application state as described in SKILL.md.
- Sanitization: Absent; the workflow relies on LLM-based normalization without explicit input filtering or validation.
Audit Metadata