Skills
skills/insight68/skills/apple-reminders/Gen Agent Trust Hub

apple-reminders

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the remindctl command-line utility to perform operations on the Apple Reminders database. This is the primary function of the skill.
  • [EXTERNAL_DOWNLOADS]: The skill metadata includes installation instructions to fetch and install the remindctl formula from a GitHub-hosted Homebrew tap (steipete/tap/remindctl).
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes data (reminder titles and notes) that could contain malicious instructions designed to influence the agent's behavior.
  • Ingestion points: Data enters the agent context via remindctl output (e.g., remindctl today, remindctl list).
  • Boundary markers: None identified; external content is not explicitly delimited with warnings to ignore embedded instructions.
  • Capability inventory: The skill has the capability to execute subprocesses via the remindctl binary to create, modify, or delete reminders.
  • Sanitization: No evidence of sanitization or filtering of reminder content before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 28, 2026, 08:21 PM