macos-reminders
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: Extensive analysis across all ten threat categories reveals no malicious patterns. The skill is dedicated to local macOS Reminders automation and follows security best practices.
- [COMMAND_EXECUTION]: The skill securely handles user-provided data, such as reminder titles and notes. Shell scripts utilize bash array expansion, and AppleScripts use the 'quoted form' property to prevent command injection vulnerabilities during interaction with system services.
- [DATA_EXFILTRATION]: While the skill reads sensitive reminder data, it does not include any network-capable commands (e.g., curl, wget, or fetch) that could be used to exfiltrate data to external domains. All data processing is strictly local.
- [REMOTE_CODE_EXECUTION]: No remote code execution patterns or unverifiable dependencies were found. The skill relies on local scripts and requires the user to have standard tools (osascript, jq) or specific utilities (remindctl) already installed on the system.
- [PROMPT_INJECTION]: The skill does not contain instructions that attempt to bypass AI safety filters or override system prompts. All instructions are focused on the task of reminder management.
Audit Metadata