yuque-personal-smart-summary

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly requires calling yuque-mcp tools (e.g., yuque_get_doc, yuque_get_repo_toc, yuque_search) to read full document content from user-generated Yuque repositories, and that content is directly read and analyzed to drive summarization decisions—exposing the agent to untrusted third-party content that could carry indirect prompt injection.