yuque-group-meeting-notes
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it ingests and processes untrusted user-provided content (meeting notes), which is then published to a shared repository.
- Ingestion points: Raw meeting content, audio transcriptions, and user-provided meeting fields in SKILL.md (Step 1).
- Boundary markers: The skill does not define specific delimiters or "ignore instructions" warnings for the user-provided meeting content during interpolation into the formatting template.
- Capability inventory: The skill utilizes yuque_create_doc, which performs a network write operation to an external knowledge base.
- Sanitization: No explicit validation or sanitization of the meeting content is performed prior to document creation, though it does involve template-based reformatting.