personal-tech-design
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection, as it is designed to ingest untrusted user input and process it into a document that is then stored on an external platform.
  - Ingestion points: user-provided technical requirements gathered in Step 1 of `SKILL.md` (e.g., project name, background, goals).
  - Boundary markers: absent; the skill does not instruct the agent to use delimiters or specific ignore-instruction prompts when interpolating user data into the `references/template.md` file.
  - Capability inventory: the skill uses the `yuque_create_doc` tool from the `yuque-mcp` server to write generated content to a remote repository.
  - Sanitization: no explicit sanitization or validation of user-provided content is mentioned in the workflow.
- [SAFE]: No malicious behaviors such as credential harvesting, unauthorized command execution, or obfuscated code were detected. The usage of MCP tools is consistent with the skill's declared purpose of managing documents on Yuque.
Audit Metadata