personal-strategic-planning
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill utilizes an AppleScript (JXA) file `scripts/sync_to_omnifocus.js` to interact directly with the OmniFocus application. While this is a legitimate automation pattern for macOS, it involves executing local system-level commands that modify personal data stores.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes quarterly review data which may include content from external sources (e.g., project updates or external feedback). If malicious instructions are embedded in this data and parsed by the agent, they could be passed to the OmniFocus sync script.
  - Ingestion points: `scripts/sync_to_omnifocus.js` accepts input via `argv[0]` representing the parsed review data.
  - Boundary markers: Absent; the script relies on the agent providing correctly formatted JSON but does not validate the content of the strings for embedded instructions.
  - Capability inventory: The script has the ability to create folders (`makeFolderWithProperties`), projects (`makeProjectWithProperties`), and tasks (`makeTaskWithProperties`) within the OmniFocus application.
  - Sanitization: Only basic JSON structure validation is performed; string values (goal names, actions, notes) are used directly to populate OmniFocus fields without sanitization.
Audit Metadata