Skills
skills/yutori-ai/yutori-mcp/yutori-scout/Gen Agent Trust Hub

yutori-scout

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
  • [SAFE]: The skill consists entirely of Markdown instructions and does not include any executable scripts, binary files, or external code dependencies.
  • [SAFE]: The instructions include a specific security protocol requiring the agent to verify that any user-provided webhook_url uses HTTPS and is under the user's control before proceeding with configuration.
  • [PROMPT_INJECTION]: The skill facilitates the ingestion of untrusted data from external websites, creating a surface for indirect prompt injection.
  • Ingestion points: External web content (news, competitor sites, product updates) monitored via the 'scout' tools.
  • Boundary markers: Absent; the instructions do not define specific delimiters or instructions to treat fetched content as untrusted data.
  • Capability inventory: The skill uses create_scout, edit_scout, and get_scout_updates to manage persistent monitoring and retrieve data.
  • Sanitization: No sanitization, escaping, or filtering of the external content is described in the setup process.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 27, 2026, 11:59 PM