apple-photos
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
osascriptutility to execute AppleScript for managing the Apple Photos library on macOS, which involves running shell-level commands to perform photo searches, album creation, and file exports. - [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it retrieves and processes untrusted metadata (descriptions and names) from photo items. 1. Ingestion points: Photo 'description' and 'name' properties accessed in SKILL.md. 2. Boundary markers: Absent; there are no delimiters to differentiate data from instructions. 3. Capability inventory: Execution of
osascriptcommands and file system operations. 4. Sanitization: Absent; the skill does not filter or sanitize the photo metadata before it is returned to the agent.
Audit Metadata