daily-digest
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected. The skill uses standard Gitee MCP tools to fetch data and does not involve external scripts, network requests, or shell commands.
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted external data (Gitee notification content and PR/Issue metadata). While it lacks specific isolation or sanitization, the risk is negligible as the skill possesses no exploitable capabilities (such as file-writing or code execution).
- Ingestion points: Pull Request titles, Issue summaries, and notification text retrieved via Gitee tools in SKILL.md.
- Boundary markers: Absent; data is placed directly into markdown templates.
- Capability inventory: No system, file, or network capabilities are present in the skill instructions.
- Sanitization: None; fetched strings are included directly in the generated markdown digest.
Audit Metadata