apple-reminders-applescript
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on executing AppleScript via the
osascriptcommand to interact with the macOS Reminders application. This is the primary and intended mechanism for the skill's functionality. - [DATA_EXPOSURE]: The skill reads data from the Reminders app (names, bodies, lists, and accounts). While this data can be sensitive, it is processed locally and the skill lacks any network-facing code to exfiltrate this information.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests data from external sources (Reminders application) that could potentially contain malicious instructions.
- Ingestion points: Detected in
scripts/reminder/get.applescript,scripts/reminder/list.applescript, andscripts/reminder/search.applescriptwhere reminder names and bodies are retrieved. - Boundary markers: None identified in the script outputs to distinguish data from instructions.
- Capability inventory: The skill has capabilities to create, edit, and delete lists and reminders via
osascript. - Sanitization: No explicit sanitization or escaping of reminder content is performed before returning it to the agent context.
Audit Metadata