seo-geo
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data from a user-supplied URL. This is a common attack surface for tools designed to analyze external web content.
- Ingestion points: Website content fetched from the user-provided
[url]parameter defined inSKILL.md. - Boundary markers: The skill lacks explicit instructions or delimiters (such as XML tags or triple quotes) to help the agent distinguish between data to be analyzed and instructions to be followed within the external content.
- Capability inventory: The agent is authorized to write a report to the file system (
GEO-ANALYSIS.md) and utilize specialized scraping tools likeai_optimization_chat_gpt_scraperif available. - Sanitization: No sanitization, filtering, or validation logic is defined to neutralize potential prompt injection payloads embedded in the source website's text or metadata.
Audit Metadata