evernote-security-basics
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were detected. The skill provides defensive security documentation and code examples that encourage industry-standard safety practices for API integrations.
- [CREDENTIALS_UNSAFE]: The implementation guide provides instructions for securing credentials using environment variables and secret managers (AWS/GCP). All examples use non-functional placeholders such as 'your-consumer-key'.
- [EXTERNAL_DOWNLOADS]: The skill references standard, reputable Node.js packages and points to official developer documentation for Evernote and OWASP.
- [DATA_EXFILTRATION]: No patterns of data exfiltration were found. The skill actively provides code for a 'Secure Logger' designed to redact sensitive tokens and keys from application logs.
Audit Metadata