yuque-group-knowledge-report
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Utilizes the
yuque-mcpserver tools to interact with the Yuque API. This is a functional requirement for the skill to access data from the Yuque platform and is considered safe as it interacts with well-known vendor services.\n- [SAFE]: The skill collects and analyzes team activity data, such as document counts and active member ratios, which is strictly for the purpose of generating the requested report. No data is exfiltrated to external or untrusted domains.\n- [PROMPT_INJECTION]: The workflow involves processing document metadata from the Yuque platform. While this represents a surface for indirect prompt injection, the skill mitigates this by using a structured markdown template and focusing on quantitative data aggregation, which limits the risk of the agent executing embedded instructions.
Audit Metadata