seo-backlinks
Pass
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes several local Python scripts, such as
scripts/backlinks_auth.py,scripts/moz_api.py, andscripts/verify_backlinks.py, to perform data retrieval and analysis. It also includes an installation script at./extensions/dataforseo/install.sh. These operations are consistent with the skill's documented SEO auditing purpose. - [EXTERNAL_DOWNLOADS]: Retrieves data from established SEO service providers including Moz, Bing Webmaster, and DataForSEO, as well as the Common Crawl public dataset. These are well-known and trusted sources for link analysis data.
- [INDIRECT_PROMPT_INJECTION]: The skill processes external data (anchor text, domain descriptions, and crawled page content) which could potentially contain malicious instructions. Evidence: (1) Ingestion points: Moz/Bing/DataForSEO API responses and crawler outputs from
verify_backlinks.py. (2) Boundary markers: Not explicitly specified in the prompt logic. (3) Capability inventory: Executes local Python and shell scripts via subprocesses. (4) Sanitization: No explicit sanitization or filtering logic is described for the ingested text. This is a common characteristic of SEO tools and is considered a low-risk surface in this context.
Audit Metadata