Skills
skills/nousresearch/hermes-agent/findmy/Gen Agent Trust Hub

findmy

Pass

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Uses osascript to automate the Find My application and screencapture to take screenshots of device locations for processing.
  • [EXTERNAL_DOWNLOADS]: Recommends the optional installation of the peekaboo UI automation tool via a third-party Homebrew tap to enhance tracking reliability.
  • [DATA_EXFILTRATION]: Accesses sensitive location data but stores it only in the local /tmp directory. No network exfiltration or unauthorized transmission of data was found.
  • [PROMPT_INJECTION]: The skill processes application screenshots through vision_analyze, creating a surface for indirect prompt injection if malicious names or content are displayed in the application.
  • Ingestion points: screenshots of the Find My app
  • Boundary markers: none
  • Capability inventory: osascript, screencapture, peekaboo
  • Sanitization: none
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 27, 2026, 07:07 AM