cli-anything-joplin
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands via the 'joplin' terminal binary to interact with the Joplin backend. It provides a stateful harness for managing notes, notebooks, and configurations.- [INDIRECT_PROMPT_INJECTION]: The skill processes external data from Joplin notes and search results, which constitutes an attack surface for indirect prompt injection.
- Ingestion points: SKILL.md documentation describes reading notes, todos, and search results via 'notes get', 'todos list', and 'search run' commands.
- Boundary markers: None identified in the provided skill description.
- Capability inventory: The skill performs subprocess execution of the 'joplin' binary and supports network synchronization.
- Sanitization: No sanitization or validation of note content is described.
Audit Metadata