Surfer SEO Content Optimizer
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides installation instructions using 'npx skills add' and 'clawhub install' to fetch and execute the skill from external repositories. These resources are associated with the vendor 'agentskillexchange'.\n- [PROMPT_INJECTION]: The skill possesses a data ingestion surface by fetching and parsing content from external search results and competitor websites, creating a surface for indirect prompt injection.\n
- Ingestion points: Competitive pages fetched via SERP API and parsed with cheerio (SKILL.md).\n
- Boundary markers: Absent; the instructions do not define delimiters to isolate external content from the agent's logic.\n
- Capability inventory: Natural language processing (NLP) entity extraction, readability scoring, and content scoring (SKILL.md).\n
- Sanitization: None specified for the external data fetched during analysis.
Audit Metadata