apple-notes
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTIONNO_CODE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill metadata specifies the installation of a third-party CLI tool,
memo, from a personal GitHub repository (antoniorodr/memo) via Homebrew taps.- [COMMAND_EXECUTION]: The skill functionality relies on executing shell commands through thememobinary to create, list, and modify notes on the user's local system.- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it reads content from Apple Notes into the agent context (viamemo notes). While there are no explicit boundary markers or sanitization described, the skill lacks autonomous dangerous capabilities that would be triggered by malicious note content, and no direct injection patterns were found in the skill text.- [NO_CODE]: No executable scripts or code are distributed with the skill; it provides instructions for interacting with an external binary and configures the environment through metadata.
Audit Metadata