personal-weekly

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE
Flagged: PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill uses specific MCP tools (yuque_list_repos, yuque_list_docs, yuque_create_doc) from the yuque-mcp server to interact with the Yuque platform. These operations are consistent with the skill's stated purpose of documentation reporting and involve legitimate vendor resources.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted data from document titles and repository names.
      • Ingestion points: Document titles and repository namespaces are retrieved via yuque_list_repos and yuque_list_docs in SKILL.md (Step 2).
      • Boundary markers: Absent. The external metadata is interpolated directly into the markdown report template in Step 4 without delimiters or instructions for the agent to ignore instructions embedded within the data.
      • Capability inventory: The skill has write access to the Yuque platform via the yuque_create_doc tool in SKILL.md (Step 5), allowing it to save generated content.
      • Sanitization: Absent. There is no evidence of validation, filtering, or escaping of document titles before they are included in the generated report.
Audit Metadata
Risk Level
SAFE
Analyzed
May 12, 2026, 09:12 AM
Security Audit — agent-trust-hub — personal-weekly