Skills
skills/steipete/clawdis/apple-reminders/Gen Agent Trust Hub

apple-reminders

Pass

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (LOW): The skill requires the installation of the remindctl tool from a third-party GitHub repository (steipete/remindctl). While the source is not on the trusted organizations list, this external dependency is the primary method for the skill to function; therefore, the severity is reduced from MEDIUM to LOW.
  • [COMMAND_EXECUTION] (LOW): The skill executes local CLI commands via remindctl to interact with the macOS Reminders database, which is the intended purpose of the skill.
  • [PROMPT_INJECTION] (LOW): The skill has a surface for indirect prompt injection because it reads reminder titles and notes which are untrusted data. 1. Ingestion points: Output from remindctl list/today/all. 2. Boundary markers: None present. 3. Capability inventory: Can add, edit, and delete reminders. 4. Sanitization: No evidence of output sanitization before presentation to the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 18, 2026, 10:03 PM