Waardering 3 van 5 sterren

door chris op mrt 15, 2026 ·

I appreciate the work behind oneClipper and wanted to share a constructive security observation from reviewing the source code.

The add-on appears to rely on an external token server for Microsoft OAuth token handling, so users may need to place significant trust in that service. If that server were ever compromised or mismanaged, connected OneNote access could potentially be exposed.

It may be helpful to clarify this external dependency on the add-on page so users can better understand the trust model. I’m sharing this as a constructive suggestion for transparency, not as an accusation.

Deze gebruiker heeft een eerdere beoordeling van deze add-on.