Skillv1.0.0

ClawScan security

Apple Reminders · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignFeb 11, 2026, 8:20 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill is internally consistent: it just documents usage of the remindctl CLI to manage macOS Reminders, asks for no unrelated credentials, and its instructions match its stated purpose.
Guidance: This skill is a wrapper for the remindctl CLI on macOS and is coherent with its description. Before installing/use: (1) ensure you run it on macOS and have or will install the remindctl binary (Homebrew formula steipete/tap/remindctl or build via pnpm); (2) verify the Homebrew tap / GitHub repo (steipete/remindctl) if you plan to install binaries; (3) be aware the binary will request macOS Reminders permission — only grant that to terminals/processes you trust (especially when using SSH); and (4) note the skill is instruction-only so the agent will attempt to run local commands — only enable/use it if you trust the agent to execute those operations.
Findings: [no_regex_findings] expected: The repository/skill contains no code files; the regex-based scanner had nothing to analyze. This is expected for an instruction-only skill that delegates work to an external CLI.

Purpose & Capability: okName/description match the instructions: all actions are remindctl CLI operations for Apple Reminders on macOS. No unrelated binaries, env vars, or credentials are requested.
Instruction Scope: okSKILL.md tells the agent to run remindctl (and optionally build or install it). It only references macOS Reminders permission (a local privacy grant). The instructions do not ask the agent to read unrelated files, access external credentials, or exfiltrate data.
Install Mechanism: noteRegistry lists this as instruction-only (no install spec), but SKILL.md includes metadata recommending Homebrew (steipete/tap/remindctl) and a from-source pnpm build. Homebrew tap and GitHub repo are reasonable sources; building from source uses pnpm (network access). Verify the tap/repo before installing.
Credentials: okNo environment variables or external API keys requested. The only permission is the expected macOS Reminders privacy grant for the remindctl binary; that local permission is proportional to the functionality.
Persistence & Privilege: okalways is false and the skill is user-invocable. It does not request persistent system-wide changes or access to other skills' configs. Autonomous invocation is allowed by default (normal) but not excessive here.