yuque-personal-smart-search
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it ingests and processes untrusted document content from the Yuque platform.\n
- Ingestion points: External document content is retrieved via the
yuque_get_doctool (SKILL.md, Step 4).\n - Boundary markers: Absent. The retrieved document text is not encapsulated in protective delimiters before being passed to the AI for synthesis.\n
- Capability inventory: The skill's capabilities are limited to read-only document access; it lacks tools for writing files, establishing network connections, or executing system commands.\n
- Sanitization: No explicit content filtering or sanitization is performed on the ingested text prior to summarization.
Audit Metadata