ecommerce-seo-audit
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes untrusted data from external websites. Ingestion points: Websites analyzed via WebFetch and WebSearch. Boundary markers: None identified in the provided file snippets. Capability inventory: Report generation and action plan prioritization. Sanitization: No explicit sanitization or filtering of external content is described. This risk is common to all web-based auditing skills.
- [Data Exposure & Exfiltration] (SAFE): Network access is used solely for fetching SEO data and competitor research as described in the README. No access to sensitive local files or credentials was detected.
- [External Downloads] (SAFE): The skill is distributed via a public GitHub repository. The installation command 'npx skills add' is a standard practice for this ecosystem and does not include suspicious execution patterns like piping to a shell.
Audit Metadata