evernote-security-basics
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is strictly educational and instructional, providing security hardening patterns for Evernote API usage.
- [CREDENTIALS_UNSAFE]: The code snippets correctly demonstrate using environment variables and cloud-based secret managers (AWS/GCP) to avoid hardcoded credentials.
- [DATA_EXFILTRATION]: Includes a utility for redacting sensitive data (tokens, keys, secrets) from log output, preventing accidental data exposure.
- [REMOTE_CODE_EXECUTION]: No remote code execution or dangerous dynamic loading patterns were found; all dependencies are standard Node.js libraries.
- [PROMPT_INJECTION]: No instructions aimed at overriding agent behavior or bypassing safety filters were detected.
Audit Metadata