getnote-search

Pass

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: SAFE
[COMMAND_EXECUTION] [PROMPT_INJECTION]
Full Analysis
  • [COMMAND_EXECUTION]: The skill facilitates interaction with the user's notes by executing several CLI commands including getnote search, getnote kbs, and getnote note. These are standard operations for a search-oriented skill and utilize the vendor's own command-line tool.
  • [PROMPT_INJECTION]: The skill establishes a surface for indirect prompt injection through the processing of untrusted note content.
      (1) Ingestion points: Note content and search results from the getnote CLI enter the agent context.
      (2) Boundary markers: The instructions do not specify any delimiters or warnings to separate user-controlled note content from agent instructions.
      (3) Capability inventory: The skill allows the agent to execute shell commands using the getnote utility.
      (4) Sanitization: There are no instructions for sanitizing or validating the content retrieved from the notes before the agent processes it.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 3, 2026, 09:49 AM