## Swift Mail & Notes Clients Contain Medium-Severity AppleScript Escaping Flaw, Audit Reveals A recent external security audit has flagged a medium-severity vulnerability in the Swift-based mail and notes clients, stemming from a manual AppleScript escaping function. The flaw, located in the `ScriptRunner.swift` files for both `swift-mail` and `swift-notes`, involves the `escapeAppleScript` function used to sanitize user input before it is interpolated into commands executed via the `osascript` utility. This creates a potential injection vector where insufficiently sanitized input could be exploited. The current security model employs a two-layer defense. The first layer is a Node.js validation script (`mcp-servers/os/src/tools/validation.ts`) that performs pre-flight checks before invoking the Swift command-line interface. This validation enforces maximum length limits for fields and rejects control characters, with exceptions only for tabs, newlines, and carriage returns in body text. However, the audit indicates that the second layer—the Swift-native `escapeAppleScript` function—is inadequate. The function's logic, which filters Unicode scalars based on specific hexadecimal values, may not comprehensively prevent all forms of AppleScript command injection. This finding places the integrity of the Swift clients' automation features under scrutiny. While the Node.js pre-validation acts as a robust initial gatekeeper, the identified weakness in the core Swift sanitization code represents a tangible risk. If an attacker were to bypass the first layer or if the validation logic were ever altered or removed, the application would rely solely on the flawed escaping mechanism. The issue underscores the critical importance of hardening native code security, even when layered behind other protective systems, to prevent potential execution of arbitrary scripts on a user's system. --- - **Source**: GitHub Issues - **Sector**: The Lab - **Tags**: security, vulnerability, AppleScript, code-audit, swift - **Credibility**: unverified - **Published**: 2026-03-30 20:27:30 - **ID**: 41806 - **URL**: https://whisperx.ai/en/intel/41806