yuque-document-management

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The yuque-document-management skill explicitly calls MCP functions like mcp_YuQueMCP_get_document, mcp_YuQueMCP_search and mcp_YuQueMCP_get_repository_toc_tree to fetch and read YuQue knowledge-base documents (user-generated third‑party content) as part of its workflow, which could enable indirect prompt injection.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The algorithmic-art skill's HTML artifact includes a runtime CDN script tag that will be fetched and executed (https://cdnjs.cloudflare.com/ajax/libs/p5.js/1.7.0/p5.min.js), so the skill depends on externally hosted JavaScript running in the artifact environment.