getnote-tag
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill facilitates basic tag management (listing, adding, and removing) through the 'getnote' CLI tool, which is consistent with the vendor's provided services.
- [INDIRECT_PROMPT_INJECTION]: The skill has a surface for indirect prompt injection by processing external data from note tags.
- Ingestion points: Data is ingested through the output of the
getnote tag listcommand in SKILL.md. - Boundary markers: No specific delimiters or instructions are provided to the agent to distinguish between tag data and instructions.
- Capability inventory: The skill allows the agent to execute tag management commands (
add,remove,list) via thegetnotetool. - Sanitization: No sanitization or validation of the tag strings is mentioned before they are processed by the agent.
Audit Metadata