yuque-personal-smart-summary
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates entirely within the context of the Yuque platform using a defined MCP toolset (yuque-mcp). It performs document retrieval and text analysis as described.
- [DATA_EXPOSURE_AND_EXFILTRATION]: No evidence of credential exposure or data exfiltration. The skill requires a personal Yuque token as part of the MCP server configuration, but it does not hardcode or transmit this token to unauthorized third-party services. Network operations are confined to the official Yuque infrastructure.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data from external Yuque documents through the yuque_get_doc tool. While this creates a surface for indirect prompt injection, the skill's capabilities are restricted to text summarization, and it lacks dangerous tools (e.g., shell execution, filesystem write, or arbitrary outbound networking) that would allow an attacker to escalate such an injection into a significant security breach.
Audit Metadata