evernote-core-workflow-b
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill documentation and implementation guide provide standard patterns for interacting with the Evernote API using the official SDK.
- [PROMPT_INJECTION]: Risk Factor (Indirect): The skill ingests data from external note titles and content, creating a potential surface for indirect prompt injection if the retrieved data is not treated as untrusted. \n
- Ingestion points:
references/implementation-guide.md(SearchService methods). \n - Boundary markers: None. \n
- Capability inventory: The skill permits
Bash,Write, andEditoperations via the platform configuration. \n - Sanitization: No content-level sanitization is performed on retrieved note data before it is presented to the agent context.
Audit Metadata