knowledge-report
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary function is to collect and analyze team statistics (member contributions, document growth, and knowledge base health) using authorized platform tools.
- [DATA_EXFILTRATION]: Although the skill accesses sensitive team activity data, all operations occur within the Yuque ecosystem. The data is fetched via
yuque-mcptools and saved back to Yuque viayuque_create_doc. No unauthorized data transmission to external or third-party domains was detected. - [PROMPT_INJECTION]: The skill processes external data such as member names and document titles retrieved from the Yuque API. While this constitutes a surface for indirect prompt injection, the risk is negligible as the data originates from the user's own team environment and is handled as structured input for a report template.
Audit Metadata