Yuque Knowledge Base Management
Review
Audited by ClawScan on May 10, 2026.
Overview
This appears to be a straightforward Yuque API helper, but it requires a Yuque token and can read, create, update, reorganize, publish, or delete Yuque content.
This skill is reasonable for managing Yuque, but install it only if you want the agent to access your Yuque account. Use a limited token if possible, keep config.json private, and require explicit confirmation before deleting, publishing, or bulk-reorganizing knowledge-base content.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If installed and configured, the agent can act on Yuque as the token holder, including accessing private content and performing allowed mutations.
The skill requires a Yuque account token and stores or reads it for API access. This is expected for a Yuque integration, but it gives the agent access according to the token's permissions.
Authentication requires a Yuque API token. The scripts look for it in this order: 1. config.json ... 2. Environment variable ...
Use the least-privileged Yuque token available, avoid sharing the token in chat beyond setup, protect config.json, and revoke the token when no longer needed.
A mistaken command could delete or change Yuque documents, repositories, visibility settings, or table-of-contents structure.
The included scripts can mutate Yuque data, including deleting documents. This is aligned with the management purpose, but it is high-impact if run against the wrong repo or document.
`result = api_request("DELETE", f"/api/v2/repos/{args.repo}/docs/{args.doc}")`
Before any create, update, delete, public-visibility, or TOC operation, confirm the target repo/document IDs and the intended effect with the user.
Private Yuque document content may be exposed to the active agent session, and document text could influence the agent if not handled carefully.
The skill retrieves full Yuque document content into the agent context for search/read workflows. This is expected, but retrieved documents may contain private information or instructions that should be treated as data rather than trusted agent commands.
The response `data.body` field contains the markdown content. If `body` is empty, use `body_html` or `body_lake` as fallback.
Retrieve only documents needed for the task, avoid sensitive documents unless necessary, and treat document contents as untrusted reference material.
