Apple Reminder
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent or user selects the wrong reminder ID, a reminder could be permanently removed from Reminders.app.
The delete helper can delete one or more supplied reminder IDs and uses a force flag. This is clearly related to the skill's purpose, but it is a destructive action without a script-level confirmation prompt.
# Usage: delete-reminder.sh ID [ID2 ID3...] ... OUTPUT=$(remindctl delete "$ID" --force 2>&1)
Review listed reminder IDs before deleting, and consider adding an explicit confirmation step for deletion or multiple-ID operations.
Reminder changes made through the skill can affect the user's Apple devices and synced Reminders data.
The skill operates on the user's local Apple Reminders data, which may sync through the user's Apple/iCloud account. This is expected for the stated purpose and no credential harvesting or token handling is shown.
Works with Reminders.app natively - syncs to iPhone, iPad, Apple Watch.
Install only if you are comfortable allowing the agent to manage Apple Reminders on this Mac and synced devices.
The safety of the Reminders operations depends partly on the remindctl binary already installed on the system.
The skill relies on a local external remindctl binary, while the registry does not provide an install source or homepage. This is a setup/provenance note rather than evidence of malicious behavior.
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill; Required binaries (all must exist): remindctl, date
Verify remindctl is installed from a trusted source before using the skill.