things-reminders-manager
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a robust workflow for task management that prioritizes user intent and data integrity. No malicious patterns such as prompt injection, data exfiltration, or unauthorized command execution were detected.
- [COMMAND_EXECUTION]: The skill uses
date '+%Y-%m-%d %H:%M:%S %Z %z'to resolve the current local system time. This is a standard, safe operation necessary for the primary function of normalizing relative dates (e.g., 'tomorrow') into absolute timestamps. - [EXTERNAL_DOWNLOADS]: No external downloads or remote script executions were identified. All references and configurations are local to the skill package.
- [CREDENTIALS_UNSAFE]: The skill does not contain hardcoded credentials. It explicitly includes steps to verify authorization status through appropriate Model Context Protocol (MCP) tools (
things_auth_get_status,things_validate_token_config) before attempting updates, following security best practices for token management.
Audit Metadata