Skills
skills/trpc-group/trpc-agent-go/apple-notes/Gen Agent Trust Hub

apple-notes

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the memo CLI tool from a third-party Homebrew repository (antoniorodr/memo/memo).
  • [COMMAND_EXECUTION]: The skill executes shell commands using the memo binary to perform operations like searching, editing, and deleting notes within the macOS Apple Notes application.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection by processing untrusted data from Apple Notes (Ingestion points: memo notes commands in SKILL.md) and maintaining significant action capabilities (Capability inventory: memo notes -d, -e, and -m commands in SKILL.md). The skill lacks defined boundary markers or sanitization procedures to prevent the agent from misinterpreting note content as valid instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 30, 2026, 01:08 AM
Security Audit — agent-trust-hub — apple-notes