getnote-note
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill consists solely of instructions for using a command-line interface and does not include any executable scripts or hidden code. No hardcoded secrets or suspicious metadata were found.\n- [COMMAND_EXECUTION]: The skill outlines commands for the
getnoteCLI tool, which may involve reading local files (e.g., when saving images) or accessing the network (e.g., when saving URLs). These capabilities are restricted to the intended functionality of the note management service.\n- [PROMPT_INJECTION]: The skill facilitates the ingestion of untrusted data, creating a surface for indirect prompt injection.\n - Ingestion points: Content enters the agent context through
getnote save <url>andgetnote note <id>commands inSKILL.md.\n - Boundary markers: The skill does not define specific delimiters or instructions to prevent the agent from following directives embedded in note content.\n
- Capability inventory: The skill allows the agent to modify, delete, or publicly share notes (
getnote note update,getnote note delete,getnote note shareinSKILL.md).\n - Sanitization: No input validation or content sanitization mechanisms are described.
Audit Metadata