apple-notes
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructions prompt the installation of a third-party CLI tool 'memo' from an external Homebrew repository ('antoniorodr/memo').
- [COMMAND_EXECUTION]: The skill uses the 'memo' command-line interface to interact with the local Apple Notes application on macOS.
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data in the form of note content which could contain instructions intended to influence agent behavior.
- Ingestion points: Note content is ingested into the agent context via 'memo notes' and 'memo notes -s' commands.
- Boundary markers: No specific boundary markers or instruction-ignoring delimiters are defined for the note content.
- Capability inventory: The skill's capabilities are focused on note management (create, view, search, edit, delete, move, export). It does not exhibit dangerous capabilities like arbitrary shell execution or network exfiltration of note data.
- Sanitization: The skill does not perform sanitization or validation of the text content retrieved from Apple Notes.
Audit Metadata