Skillshub apple-notes-security-basics
install
source · Clone the upstream repo
git clone https://github.com/ComeOnOliver/skillshub
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/ComeOnOliver/skillshub "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/jeremylongshore/claude-code-plugins-plus-skills/apple-notes-security-basics" ~/.claude/skills/comeonoliver-skillshub-apple-notes-security-basics && rm -rf "$T"
manifest:
skills/jeremylongshore/claude-code-plugins-plus-skills/apple-notes-security-basics/SKILL.mdsource content
Apple Notes Security Basics
Security Checklist
- Scripts run only locally (never expose osascript to network)
- No note content logged to files (may contain sensitive data)
- TCC permissions scoped to specific apps only
- Exported notes stored with appropriate file permissions
- iCloud account uses 2FA
- Automation scripts do not hardcode note content
AppleScript Sandbox Restrictions
# Apple Notes runs inside the macOS sandbox # Scripts can only access Notes via Apple Events (not direct file access) # The Notes database is at ~/Library/Group Containers/group.com.apple.notes/ # Direct database access is NOT recommended (encrypted, undocumented schema)
Safe Export Pattern
# Export with restricted permissions osascript -l JavaScript -e "..." > /tmp/notes-export.json chmod 600 /tmp/notes-export.json # Process then delete rm /tmp/notes-export.json