evernote-local-dev-loop
Facilitates efficient local development for Evernote integrations, optimizing setup and testing workflows.
Install this skill
Security score
The evernote-local-dev-loop skill was audited on Feb 21, 2026 and we found 33 security issues across 4 threat categories. Review the findings below before installing.
Categories Tested
Security Issues
Template literal with variable interpolation in command context
| 146 | return `${ENML_HEADER} |
Template literal with variable interpolation in command context
| 162 | return wrapInENML(`<div>${escaped}</div>`); |
Template literal with variable interpolation in command context
| 185 | return wrapInENML(`<div>${html}</div>`); |
Template literal with variable interpolation in command context
| 192 | return `<en-todo checked="${checked}"/> ${text}<br/>`; |
Template literal with variable interpolation in command context
| 215 | errors.push(`Forbidden element: ${tag}`); |
Template literal with variable interpolation in command context
| 258 | const callbackUrl = `http://localhost:${process.env.PORT}/auth/evernote/callback`; |
Template literal with variable interpolation in command context
| 317 | console.log(`Server running on http://localhost:${PORT}`); |
Template literal with variable interpolation in command context
| 352 | note.title = `Dev Test - ${new Date().toISOString()}`; |
Curl to non-GitHub URL
| 375 | curl http://localhost:3000/dev/test |
Access to .env file
| 38 | touch src/index.js src/evernote-client.js .env .env.example |
Access to .env file
| 52 | ├── .env # Local environment |
Access to .env file
| 53 | ├── .env.example # Template |
Access to .env file
| 60 | # .env |
Access to .env file
| 71 | # .env.example (commit this, not .env) |
Access to .env file
| 91 | sandbox: process.env.EVERNOTE_SANDBOX === 'true' |
Access to .env file
| 116 | consumerKey: process.env.EVERNOTE_CONSUMER_KEY, |
Access to .env file
| 117 | consumerSecret: process.env.EVERNOTE_CONSUMER_SECRET, |
Access to .env file
| 118 | sandbox: process.env.EVERNOTE_SANDBOX === 'true' |
Access to .env file
| 124 | if (!process.env.EVERNOTE_DEV_TOKEN) { |
Access to .env file
| 127 | return new EvernoteService(process.env.EVERNOTE_DEV_TOKEN); |
Access to .env file
| 247 | secret: process.env.SESSION_SECRET, |
Access to .env file
| 250 | cookie: { secure: process.env.NODE_ENV === 'production' } |
Access to .env file
| 258 | const callbackUrl = `http://localhost:${process.env.PORT}/auth/evernote/callback`; |
Access to .env file
| 315 | const PORT = process.env.PORT || 3000; |
Access to .env file
| 318 | console.log('Sandbox mode:', process.env.EVERNOTE_SANDBOX === 'true'); |
External URL reference
| 25 | - Evernote sandbox account at https://sandbox.evernote.com |
External URL reference
| 140 | <!DOCTYPE en-note SYSTEM "http://xml.evernote.com/pub/enml2.dtd">`; |
External URL reference
| 258 | const callbackUrl = `http://localhost:${process.env.PORT}/auth/evernote/callback`; |
External URL reference
| 317 | console.log(`Server running on http://localhost:${PORT}`); |
External URL reference
| 375 | curl http://localhost:3000/dev/test |
External URL reference
| 409 | - [Sandbox Environment](https://sandbox.evernote.com) |
External URL reference
| 410 | - [Developer Tokens](https://dev.evernote.com/doc/articles/dev_tokens.php) |
External URL reference
| 411 | - [OAuth Guide](https://dev.evernote.com/doc/articles/authentication.php) |