bear-notes
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFECOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill's installation metadata specifies downloading and installing the grizzly CLI tool from a third-party repository (github.com/tylerwince/grizzly) using the Go package manager.
- [CREDENTIALS_UNSAFE]: The documentation provides instructions for storing a Bear API token in a local configuration file at ~/.config/grizzly/token and using this path for authenticated CLI operations.
- [COMMAND_EXECUTION]: The skill uses shell commands to invoke the grizzly utility for creating, reading, and searching notes within the Bear application.
Audit Metadata