zsxq-note
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes a specialized CLI tool,
zsxq-cli, to perform operations on the user's notes. Evidence: Usage ofzsxq-cli note +createinreferences/zsxq-note-create.mdandzsxq-cli note +listinreferences/zsxq-note-list.md. This is legitimate behavior for a tool-based skill. - [DATA_EXPOSURE]: The skill is designed to retrieve and display personal note content. While it handles user data, the operations are restricted to the local environment and intended platform tools. No external exfiltration patterns were observed.
- [INDIRECT_PROMPT_INJECTION]: As the skill reads content from a note list, it possesses an ingestion surface for untrusted data if notes are sourced from third parties.
- Ingestion points: Note content returned by
zsxq-cli note +list(referenced inreferences/zsxq-note-list.md). - Boundary markers: None present in the current instructions.
- Capability inventory: Note creation via
zsxq-cli(referenced inreferences/zsxq-note-create.md). - Sanitization: None specified in the provided files.
Audit Metadata