evernote-prod-checklist
Production readiness checklist for Evernote integrations. Use when preparing to deploy Evernote integration to production, or auditing production readiness. Trigger with phrases like "evernote production", "deploy evernote", "evernote go live", "production checklist evernote".
Best use case
evernote-prod-checklist is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Production readiness checklist for Evernote integrations. Use when preparing to deploy Evernote integration to production, or auditing production readiness. Trigger with phrases like "evernote production", "deploy evernote", "evernote go live", "production checklist evernote".
Teams using evernote-prod-checklist should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/evernote-prod-checklist/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How evernote-prod-checklist Compares
| Feature / Agent | evernote-prod-checklist | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Production readiness checklist for Evernote integrations. Use when preparing to deploy Evernote integration to production, or auditing production readiness. Trigger with phrases like "evernote production", "deploy evernote", "evernote go live", "production checklist evernote".
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Evernote Production Checklist ## Overview Comprehensive checklist for deploying Evernote integrations to production, covering API key activation, security hardening, rate limit handling, monitoring, and go-live verification. ## Prerequisites - Completed development and testing in sandbox - Production API key approved by Evernote (requires review process) - Production infrastructure provisioned ## Instructions ### API Key & Authentication - [ ] Production API key requested and approved by Evernote - [ ] `EVERNOTE_SANDBOX=false` in production config - [ ] Consumer key and secret stored in secrets manager (not env files) - [ ] OAuth callback URL uses HTTPS on production domain - [ ] Token expiration tracking implemented (`edam_expires`) - [ ] Token refresh/re-auth flow tested end-to-end ### Security - [ ] Access tokens encrypted at rest (AES-256-GCM) - [ ] CSRF protection on OAuth flow - [ ] API credentials not in source control (`.env` in `.gitignore`) - [ ] Log output redacts tokens and PII - [ ] Input validation on all user-supplied content (ENML sanitization) - [ ] Rate limit handling prevents API key suspension ### Rate Limits & Performance - [ ] Exponential backoff on `RATE_LIMIT_REACHED` errors - [ ] Minimum delay between API calls (100-200ms) - [ ] Response caching for `listNotebooks()` and `listTags()` (5-10 min TTL) - [ ] `findNotesMetadata()` used instead of `findNotes()` for listings - [ ] Batch operations use sequential processing with delays ### Monitoring & Alerting - [ ] Health check endpoint verifies Evernote API connectivity - [ ] Metrics tracked: API call count, latency, error rate, rate limits - [ ] Alerts configured for rate limits, auth failures, and high error rates - [ ] Structured logging with correlation IDs - [ ] Quota usage monitoring with threshold alerts (75%, 90%) ### Data Integrity - [ ] ENML validation before every `createNote`/`updateNote` call - [ ] Note titles sanitized (max 255 chars, no newlines) - [ ] Tag names validated (max 100 chars, no commas) - [ ] Resource hashes verified (MD5 match) - [ ] Sync state (USN) tracked and persisted for incremental sync ### Deployment - [ ] Production Docker image built with multi-stage build - [ ] `NODE_ENV=production` set in container - [ ] Graceful shutdown handles in-flight API calls - [ ] Rollback plan documented and tested - [ ] Deployment verification script runs post-deploy ### Verification Script ```bash #!/bin/bash set -euo pipefail echo "Verifying Evernote production deployment..." # 1. Health check curl -sf "$APP_URL/health" | jq '.evernoteApi' | grep -q '"connected"' echo " Health check: PASS" # 2. Create test note GUID=$(curl -sf "$APP_URL/api/test-note" | jq -r '.guid') echo " Note creation: PASS (GUID: $GUID)" # 3. Clean up test note curl -sf -X DELETE "$APP_URL/api/notes/$GUID" echo " Cleanup: PASS" echo "All checks passed." ``` For the complete checklist details and verification scripts, see [Implementation Guide](references/implementation-guide.md). ## Output - Production readiness checklist (API keys, security, performance, monitoring) - Verification script for post-deployment testing - Security audit checklist for credential and token management - Monitoring setup verification ## Error Handling | Error | Cause | Solution | |-------|-------|----------| | `INVALID_AUTH` in production | Using sandbox token with production endpoint | Verify `EVERNOTE_SANDBOX=false` matches production key | | Verification script fails | Service not healthy after deploy | Check logs, rollback if needed | | Rate limits on launch | Burst of API calls at startup | Add startup delay, warm caches gradually | | `PERMISSION_DENIED` | Production key missing permissions | Contact Evernote developer support | ## Resources - [Evernote Developer Portal](https://dev.evernote.com/) - [API Key Request](https://dev.evernote.com/support/) - [Rate Limits](https://dev.evernote.com/doc/articles/rate_limits.php) - [OAuth Documentation](https://dev.evernote.com/doc/articles/authentication.php) ## Next Steps For version upgrades, see `evernote-upgrade-migration`. ## Examples **Go-live checklist**: Walk through each section, check off items, run the verification script, and sign off with the team before switching DNS to the production deployment. **Security audit**: Review encrypted token storage, verify log redaction, confirm CSRF protection, and test token expiration handling before the production launch.
Related Skills
product-brief
Structured product brief and PRD creation assistant. Use when the user needs to write a product brief, PRD, feature spec, or any document that defines what to build and why. Triggers include "product brief", "PRD", "spec", "feature doc", "write a brief", "define this feature", or when scoping work for engineering.
kafka-producer-consumer
Kafka Producer Consumer - Auto-activating skill for Backend Development. Triggers on: kafka producer consumer, kafka producer consumer Part of the Backend Development skill category.
governance-checklist-generator
Governance Checklist Generator - Auto-activating skill for Enterprise Workflows. Triggers on: governance checklist generator, governance checklist generator Part of the Enterprise Workflows skill category.
genkit-production-expert
Build production Firebase Genkit applications including RAG systems, multi-step flows, and tool calling for Node.js/Python/Go. Deploy to Firebase Functions or Cloud Run with AI monitoring. Use when asked to "create genkit flow" or "implement RAG". Trigger with relevant phrases based on skill purpose.
exa-prod-checklist
Execute Exa production deployment checklist with pre-flight, deploy, and rollback. Use when deploying Exa integrations to production, preparing for launch, or verifying production readiness. Trigger with phrases like "exa production", "deploy exa to prod", "exa go-live", "exa launch checklist", "exa production ready".
evernote-webhooks-events
Implement Evernote webhook notifications and sync events. Use when handling note changes, implementing real-time sync, or processing Evernote notifications. Trigger with phrases like "evernote webhook", "evernote events", "evernote sync", "evernote notifications".
evernote-upgrade-migration
Upgrade Evernote SDK versions and migrate between API versions. Use when upgrading SDK, handling breaking changes, or migrating to newer API patterns. Trigger with phrases like "upgrade evernote sdk", "evernote migration", "update evernote", "evernote breaking changes".
evernote-security-basics
Implement security best practices for Evernote integrations. Use when securing API credentials, implementing OAuth securely, or hardening Evernote integrations. Trigger with phrases like "evernote security", "secure evernote", "evernote credentials", "evernote oauth security".
evernote-sdk-patterns
Advanced Evernote SDK patterns and best practices. Use when implementing complex note operations, batch processing, search queries, or optimizing SDK usage. Trigger with phrases like "evernote sdk patterns", "evernote best practices", "evernote advanced", "evernote batch operations".
evernote-reference-architecture
Reference architecture for Evernote integrations. Use when designing system architecture, planning integrations, or building scalable Evernote applications. Trigger with phrases like "evernote architecture", "design evernote system", "evernote integration pattern", "evernote scale".
evernote-rate-limits
Handle Evernote API rate limits effectively. Use when implementing rate limit handling, optimizing API usage, or troubleshooting rate limit errors. Trigger with phrases like "evernote rate limit", "evernote throttling", "api quota evernote", "rate limit exceeded".
evernote-performance-tuning
Optimize Evernote integration performance. Use when improving response times, reducing API calls, or scaling Evernote integrations. Trigger with phrases like "evernote performance", "optimize evernote", "evernote speed", "evernote caching".