Skills
skills/sundial-org/awesome-openclaw-skills/apple-notes/Gen Agent Trust Hub

apple-notes

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (HIGH): The skill requires the installation of the memo binary from an unverified GitHub repository (antoniorodr/memo). Since this source is not on the trusted whitelist, it poses a high risk of executing malicious code during installation or runtime.
  • [PROMPT_INJECTION] (HIGH): The skill presents an indirect prompt injection surface (Category 8). It reads data from Apple Notes, which can contain untrusted instructions, and possesses significant capabilities to modify or delete notes. 1. Ingestion points: memo notes (listing and searching note content). 2. Boundary markers: Absent. The agent is not instructed to isolate note content. 3. Capability inventory: The agent can add, edit, and delete notes via CLI flags. 4. Sanitization: Absent. Content is processed as raw text, which could influence the agent to perform unauthorized actions.
  • [COMMAND_EXECUTION] (LOW): The skill's primary function is to execute terminal commands via the memo tool.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 08:54 AM