evernote-ci-integration
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized access attempts were detected in the skill instructions or reference guide.
- [EXTERNAL_DOWNLOADS]: The skill references standard, well-known GitHub Actions from official sources (actions/checkout, actions/setup-node) and reputable security tools (snyk/actions) for development workflows.
- [CREDENTIALS_UNSAFE]: The skill demonstrates secure credential handling by instructing the use of repository secrets and environment variables for Evernote API tokens instead of hardcoding sensitive values.
- [PROMPT_INJECTION]: The skill facilitates the generation of configuration files based on project analysis, representing a standard indirect injection surface for development tools.
- Ingestion points: Processes existing codebase and structure via Read and Grep tools to inform CI setup.
- Boundary markers: Absent, as the skill provides static instructional templates for manual or guided implementation.
- Capability inventory: Access to Bash (restricted to npm), Write, and Edit tools for creating CI/CD workflows and test suites.
- Sanitization: Not applicable for the provided static code examples and templates.
Audit Metadata