blog-seo-check
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill uses the WebFetch tool to download content from external URLs for SEO analysis and to verify that external links are reachable.
- [COMMAND_EXECUTION]: The skill executes shell-based search tools like Grep and Glob to scan the local filesystem for content and performs cross-skill calls by running a local Python script at 'skills/blog-google/scripts/run.py' for performance auditing.
- [PROMPT_INJECTION]: The skill ingests untrusted data from external websites and project files, which creates a surface for indirect prompt injection.
- Ingestion points: Content is retrieved from external URLs via WebFetch and from local files via Grep and Glob.
- Boundary markers: The skill does not utilize specific delimiters or isolation instructions to separate ingested content from the system prompt.
- Capability inventory: The skill possesses capabilities for network operations, file system access, and local script execution.
- Sanitization: No validation, filtering, or sanitization is performed on the ingested content before it is processed by the agent.
Audit Metadata