Is apple-reminders safe?
https://clawhub.ai/steipete/apple-reminders
This is a clean, documentation-only skill that provides CLI instructions for managing Apple Reminders via the remindctl tool. It contains no executable code, no prompt injection patterns, and no data exfiltration mechanisms. The filesystem activity observed during installation is attributable to the host agent platform runtime, not the skill itself. The only notable risk is the external Homebrew tap dependency whose binary contents are outside this audit's scope.
Findings (5)
INFO Clean documentation-only skill -5
SKILL.md contains only CLI usage documentation for remindctl with no prompt injection patterns, hidden instructions, or manipulation attempts.
LOW Agent runtime reads sensitive files during bootstrap -10
The OpenClaw agent runtime (not the skill) accessed ~/.env, ~/.aws/credentials, auth-profiles.json, ~/.profile, and ~/.bashrc during the install phase. These are platform-level accesses, not skill-initiated, but they appear in the monitoring window.
LOW External Homebrew tap referenced in install metadata -10
The skill's metadata references 'brew install steipete/tap/remindctl' as the installation method. While this is a standard Homebrew distribution pattern, the tap contents are not audited by this scan. A supply-chain compromise of the tap could introduce a malicious binary.
LOW Agent platform temp files created during install -15
The OpenClaw agent runtime created temporary jiti cache files and a gateway lock file in /tmp/ during the install phase. These are platform-level operations, not initiated by the skill.
LOW Delete with --force bypasses confirmation -25
The skill documents 'remindctl delete