evernote-incident-runbook

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides bash commands in SKILL.md to check service status and test API connectivity using the $EVERNOTE_TOKEN environment variable.
  • [DATA_EXFILTRATION]: The skill accesses local system logs at /var/log/evernote-app.log to check for error counts, which may expose internal application state.
  • [EXTERNAL_DOWNLOADS]: Fetches status information from Evernote's official status page (status.evernote.com). This is a well-known service domain.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted data from external sources.
      • Ingestion points: Reads content from /var/log/evernote-app.log, https://status.evernote.com/api/v2/status.json, and Evernote API responses.
      • Boundary markers: None identified in the triage or diagnostic scripts.
      • Capability inventory: Uses Read, Write, Edit, Bash, and Grep tools across SKILL.md and the implementation guide.
      • Sanitization: No explicit sanitization or validation of the ingested log content or API responses is performed before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 4, 2026, 04:45 PM