Supernote Cloud

Pass. Audited by VirusTotal on May 12, 2026.

Findings (1)

The skill is classified as suspicious because of several risky capabilities and security practices, despite its stated purpose. It requires and directly handles sensitive credentials (SUPERNOTE_USER, SUPERNOTE_PASSWORD) via environment variables and stores the resulting JWT in `/tmp/.supernote_token`, a world-shared directory where the file's permission bits decide whether other local users can read the token. The `scripts/supernote.sh` script exhibits weak input sanitization: it interpolates these sensitive variables directly into Python `-c` arguments and `curl -d` JSON payloads, so an environment value containing quotes, braces, or shell metacharacters can corrupt the JSON (JSON injection), break the script, or alter what the embedded Python executes; a secret passed on a command line is also visible to other processes through the process list. Furthermore, the skill can fetch arbitrary URLs (`scripts/article2ebook.py`) and upload arbitrary local files (`scripts/supernote.sh`); these capabilities are core to its functionality, but they could be misused if the agent is compromised by prompt injection.
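The interpolation weakness described above, shown as an added example that is not code from the skill or from the VirusTotal audit. The field names (`email`, `password`), the endpoint URL, and the sample credentials are constructed for illustration; the only assumptions about the real script are the ones the finding states (credentials come from environment variables, are pasted into a JSON body and a Python `-c` string, and the token lands in `/tmp`). The block contrasts string-built JSON with `json.dumps`, passes the secret to a child Python process through the environment rather than the command line, and creates the token file with owner-only permissions.

```python
import json
import os
import subprocess
import sys
import tempfile

# Constructed sample credentials (not real). The second password is chosen so
# that naive interpolation still produces valid JSON, but with an injected key.
SAMPLE_USER = "reader@example.com"
PASSWORD_BREAKS_JSON = 'pa"ss{word'
PASSWORD_INJECTS_KEY = 'x", "admin": "true'
LOGIN_URL = "https://cloud.example.invalid/api/login"  # hypothetical endpoint


def login_payload_unsafe(user, password):
    """The risky pattern: credentials dropped straight into a JSON template."""
    return '{"email": "%s", "password": "%s"}' % (user, password)


def login_payload_safe(user, password):
    """json.dumps escapes quotes, braces and control characters for us."""
    return json.dumps({"email": user, "password": password})


def parse_payload(payload):
    """Return the decoded body, or None when the payload is not valid JSON."""
    try:
        return json.loads(payload)
    except json.JSONDecodeError:
        return None


def payload_is_intact(payload, user, password):
    """True only if the body round-trips to exactly the two intended fields."""
    return parse_payload(payload) == {"email": user, "password": password}


def curl_command(url, payload):
    """argv list (no shell, no word splitting); body goes to curl's stdin via
    --data-binary @- so the secret never appears on the command line."""
    argv = ["curl", "-sS", "-H", "Content-Type: application/json",
            "--data-binary", "@-", url]
    return argv, payload.encode()


def run_python_with_secret(password):
    """Hand a secret to an embedded Python snippet through the environment.
    The -c code is a fixed string; the secret is read inside the child, so
    quotes in the value cannot change what the child executes, and the value
    is not visible in `ps` output."""
    env = dict(os.environ, SUPERNOTE_PASSWORD=password)
    code = "import os, json; print(json.dumps(os.environ['SUPERNOTE_PASSWORD']))"
    out = subprocess.run([sys.executable, "-c", code], env=env,
                         capture_output=True, check=True, text=True).stdout
    return json.loads(out)


def token_path():
    """Prefer a per-user runtime dir over the shared /tmp when one exists."""
    base = os.environ.get("XDG_RUNTIME_DIR") or tempfile.gettempdir()
    return os.path.join(base, ".supernote_token")


def write_token(path, token):
    """Create the token file owner-read/write only and return its mode bits.
    O_CREAT's mode is ignored for an existing file, so chmod afterwards too."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as f:
        f.write(token)
    os.chmod(path, 0o600)
    return os.stat(path).st_mode & 0o777


if __name__ == "__main__":
    for pw in (PASSWORD_BREAKS_JSON, PASSWORD_INJECTS_KEY):
        print("unsafe:", parse_payload(login_payload_unsafe(SAMPLE_USER, pw)))
        print("safe:  ", parse_payload(login_payload_safe(SAMPLE_USER, pw)))
    print(curl_command(LOGIN_URL, login_payload_safe(SAMPLE_USER, PASSWORD_INJECTS_KEY)))
```

With `PASSWORD_BREAKS_JSON` the string-built body is not JSON at all, so the request fails; with `PASSWORD_INJECTS_KEY` it parses cleanly but carries an extra `admin` field the caller never intended, which is the JSON-injection case the finding describes. The `json.dumps` version round-trips both values unchanged.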