Skills
skills/jeremylongshore/claude-code-plugins-plus/evernote-multi-env-setup/Gen Agent Trust Hub

evernote-multi-env-setup

Warn

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: MEDIUMCREDENTIALS_UNSAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The ConfigLoader class in references/implementation-guide.md implements dynamic module loading using require() with a path computed from the NODE_ENV environment variable. This pattern is identified as dynamic loading from computed filesystem paths.
  • [CREDENTIALS_UNSAFE]: The docker-compose.yml file in references/implementation-guide.md includes hardcoded default credentials (POSTGRES_USER: postgres, POSTGRES_PASSWORD: postgres) for the local database service. While common in development templates, they are plaintext secrets.
  • [COMMAND_EXECUTION]: The skill uses Bash tools scoped to npm:* to facilitate dependency management and script execution, which are essential for setting up the described multi-environment Node.js application.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 4, 2026, 04:46 PM