However it seems that maybe we shouldn’t get ahead of ourselves just yet. In a post on Twitter (via Cult of Mac), developer Simeon Saëns revealed how he was tipped off by Avimanyu Roy on how Siri Shortcuts has the potential to steal personal information from the user. He points at how a Shortcut disguised as a memory cleaner compiled names, zipped the data, and sent it to the attacker via iMessage.
We suppose this revelation doesn’t come as a complete surprise. Given that unlike iOS apps, there isn’t really any oversight on the Shortcuts that are made and shared online, especially since Shortcuts can be found and installed from a variety of places. Saëns adds that he has since reached out to Apple and disclosed his findings, but how the company plans on going about addressing this issue is unclear.
In the meantime if you are fond of searching for and installing third-party Shortcuts, it’s probably best to exercise some caution by combing through the comments and seeing what others have said about it.
https://twitter.com/twolivesleft/status/1088080307457159169