knowledge-connect
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data from external sources.
- Ingestion points: The skill reads document content from the user's Yuque knowledge base using the
yuque_get_doctool in Step 2. - Boundary markers: There are no explicit instructions or delimiters defined to prevent the agent from following instructions potentially embedded within the documents being analyzed.
- Capability inventory: The agent has the capability to modify document content via
yuque_update_docand perform searches viayuque_searchbased on the results of its analysis. - Sanitization: No sanitization or validation of the document content is performed before it is used to influence the agent's behavior or document update operations.
Audit Metadata