smart-summary
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests and processes untrusted data from external Yuque documents.
  - Ingestion points: Document content is retrieved through the `yuque_get_doc` tool based on user-supplied URLs (SKILL.md).
  - Boundary markers: There are no explicit delimiters or instructions provided to the agent to segregate document content or to ignore potential instructions embedded within the text.
  - Capability inventory: The skill is limited to read operations via `yuque_get_doc`, `yuque_get_repo`, `yuque_list_docs`, and `yuque_get_toc`. It does not possess capabilities for file writing, shell command execution, or non-platform network access.
  - Sanitization: No sanitization or validation of the document content is performed before the agent processes it for summarization.
Audit Metadata