Skills
skills/malue-ai/dazee-small/apple-notes/Gen Agent Trust Hub

apple-notes

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the memo CLI utility from a third-party GitHub repository (antoniorodr/memo) using the Homebrew package manager as part of its setup process.
  • [COMMAND_EXECUTION]: The skill executes the memo binary to perform operations on the macOS Apple Notes database, including searching, creating, editing, and deleting notes.
  • [PROMPT_INJECTION]: The skill creates an indirect prompt injection surface by reading and displaying existing note content to the agent.
  • Ingestion points: Note content is ingested through the memo notes and memo notes -s (search) commands specified in SKILL.md.
  • Boundary markers: There are no delimiters or specific instructions provided to the agent to treat note content as untrusted data.
  • Capability inventory: The agent has the capability to add, edit, move, and delete notes, which could be exploited if malicious instructions are found within a note.
  • Sanitization: The skill does not perform any sanitization or validation of the text retrieved from Apple Notes before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 6, 2026, 04:19 PM