yuque-group-smart-search

The skill's stated purpose and workflow are coherent: it performs legitimate group knowledge-base queries using official Yuque MCP tools and synthesizes user-oriented outputs. The credential requirement (group token) is appropriate for group-restricted access. No evidence of malicious behavior (data exfiltration, credential harvesting, or autonomous external actions) is present in the fragments. Primary security considerations are safeguarding the group token, ensuring proper access controls, and validating that document content rendering does not inadvertently leak sensitive material. Overall, the approach appears sound with standard security safeguards recommended for credential handling and content gating.