yuque-personal-daily-capture
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [SAFE]: The skill consists entirely of markdown instructions and does not contain any executable scripts, binaries, or hardcoded credentials. It relies on the user's existing yuque-mcp server for functionality.\n- [PROMPT_INJECTION]: The skill features an indirect prompt injection surface as it is designed to capture and process arbitrary user input, such as quotes from reading materials and external annotations. However, this behavior is central to its purpose as a capture tool and no malicious patterns were identified.\n
- Ingestion points: User-provided text, snippets, and annotations in the daily capture workflow (SKILL.md).\n
- Boundary markers: None explicitly defined for the captured content in the document templates.\n
- Capability inventory: yuque_create_doc, yuque_update_doc, yuque_list_repos, and yuque_search.\n
- Sanitization: None specified in the instructional text; security depends on the underlying LLM guardrails and the MCP server's permissions.\n- [NO_CODE]: No source code or dependencies are shipped with this skill. It is a logic-based instructional file.
Audit Metadata