note-draft
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's behavior is entirely consistent with its stated purpose of managing note.com drafts. All network operations and file system interactions are justified by the core functionality.
- [CREDENTIALS_UNSAFE]: User credentials (email and password) are managed through environment variables rather than hardcoded values. The skill stores session cookies in the user's home directory with restricted 0600 permissions, ensuring they are protected from other users on the system.
- [EXTERNAL_DOWNLOADS]: The skill downloads required browser components via Playwright and libraries from the NPM registry. These are well-known, trusted technology services used for legitimate automation and dependency management.
- [COMMAND_EXECUTION]: The skill includes instructions for installing dependencies and running the publication script via standard Node.js commands. These operations are transparent and perform only expected setup and execution tasks.
Audit Metadata