Skills
skills/wpsnote/wpsnote-skills/note-copilot/Gen Agent Trust Hub

note-copilot

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting data from external web sources and other notes.
  • Ingestion points: WebFetch (external) and search_notes/read_note (internal) in SKILL.md.
  • Boundary markers: No delimiters or instructions to ignore embedded commands are specified in the marker processing logic.
  • Capability inventory: Modification of the note filesystem via edit_block and batch_edit tools in SKILL.md.
  • Sanitization: No content validation or sanitization is specified.
  • [DATA_EXFILTRATION]: Note keywords are extracted and sent to external search providers via WebFetch. This exposes note metadata but is functional for the reference feature.
  • [SAFE]: The skill uses localized tools and logic to minimize unintended modifications and operates through the established WPS Note platform environment.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 2, 2026, 04:16 PM