Security audit
Notes
Security checks across malware telemetry and agentic risk
Overview
This appears to be a straightforward local notes plugin, with expected persistence and note-editing powers but no evidence of hidden network access, credential use, or exfiltration.
This skill looks safe for local note-taking use. Before installing, understand that it adds executable plugin code, stores notes persistently in a local JSON file, and gives the agent tools to create, edit, search, archive, and delete those notes.
VirusTotal
VirusTotal engine telemetry is currently stale for this artifact.
Static analysis
No suspicious patterns detected.
