The Agent Skills Directory

[PROMPT_INJECTION]: No malicious instructions or attempts to bypass safety guidelines were found in the documentation or instruction files. The instructions are focused on functional usage of the toolset.
[DATA_EXFILTRATION]: The skill correctly accesses user reminder data to perform its intended functions. No evidence of unauthorized network transmission or exfiltration was detected. Data remains within the local environment and is returned to the agent via standard output.
[REMOTE_CODE_EXECUTION]: No patterns of remote code execution, such as 'curl | bash', were found. The skill relies on local, verified binaries like 'osascript' and 'jq'. While 'remindctl' is an external dependency, it is expected to be pre-installed by the user.
[COMMAND_EXECUTION]: Shell command execution is used to bridge AppleScript with the agent interface. The skill correctly uses 'jq --arg' and AppleScript's 'quoted form of' to prevent command injection from user-supplied data in titles or notes.
[INDIRECT_PROMPT_INJECTION]: The skill processes reminder titles and bodies, which constitutes an ingestion point for untrusted data. However, the skill implements proper boundary markers (JSON output) and sanitization (escaping and structured data handling), minimizing the risk of the agent misinterpreting content as instructions.
[OBFUSCATION]: No obfuscated code, hidden characters, or encoded payloads were found across the 82 analyzed files.
[CREDENTIALS_UNSAFE]: No hardcoded secrets, API keys, or sensitive configuration files are accessed or exposed by the skill. Instructions correctly suggest standard environment variables for path resolution.

macos-reminders