personal-search
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill relies exclusively on platform-integrated MCP tools (`yuque_search` and `yuque_get_doc`) to perform its functions, which is consistent with its stated purpose of personal knowledge base searching.
- [SAFE]: There are no external network calls, hardcoded credentials, or command-line executions involving sensitive system areas.
- [SAFE]: The instructions focus on user-centric tasks such as keyword extraction and document synthesis, with no attempts to bypass safety filters or override agent behavior.
- [INDIRECT_PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it processes content from external Yuque documents.
  - Ingestion points: Document content retrieved from Yuque via the `yuque_get_doc` tool (SKILL.md).
  - Boundary markers: Absent; there are no specific delimiters to separate untrusted document content from the agent's internal instructions.
  - Capability inventory: Reading document content and summarizing it for output to the user.
  - Sanitization: No explicit validation or filtering of document content is mentioned in the workflow.
Audit Metadata