apple-reminders
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the
remindctlbinary via Homebrew from a third-party repository (github.com/steipete/remindctl). This is a legitimate installation method for the tool's intended purpose. - [COMMAND_EXECUTION]: The skill enables the execution of shell commands through
remindctlto access and manage the macOS Reminders database. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from reminder titles and notes. Ingestion points:
remindctloutput (all, today, list, etc.) as seen inSKILL.md. Boundary markers: None present to delimit reminder content from instructions. Capability inventory: The skill allows listing, adding, editing, and deleting reminders; no network exfiltration or arbitrary code execution capabilities are included in the provided scripts. Sanitization: No sanitization or validation of the ingested reminder content is performed.
Audit Metadata