macos-notification

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the osascript system binary to execute AppleScript commands for displaying notifications and dialog boxes. This is a standard system tool used for its intended UI notification purposes.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection (Category 8) by interpolating potentially untrusted data into AppleScript command strings.
    • Ingestion points: The notification titles, subtitles, and messages in SKILL.md are designed to be filled with dynamic content that may originate from external tasks or user input.
    • Boundary markers: The command templates do not utilize any delimiters or instructions to prevent the execution of embedded AppleScript commands within the input strings.
    • Capability inventory: The osascript binary can execute arbitrary AppleScript, which includes the do shell script command capable of running terminal commands with the user's privileges.
    • Sanitization: There are no sanitization or escaping mechanisms provided in the skill to handle special characters or malicious code injected into the notification content.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 6, 2026, 04:19 PM