seo-local
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to Indirect Prompt Injection (Category 8) because it ingests and processes untrusted data from the web.\n
- Ingestion points: External content is retrieved using the
WebFetchtool from URLs provided as input in the[url]argument.\n - Boundary markers: The instructions do not specify the use of delimiters or directives to ensure the agent ignores potentially malicious instructions embedded within the fetched website data.\n
- Capability inventory: The skill's environment includes high-privilege tools such as
Bash,Write, andWebFetch, which increases the potential impact if the agent is manipulated by instructions found in external content.\n - Sanitization: There are no requirements or logic for sanitizing or validating the content of the retrieved external pages before the agent processes them.
Audit Metadata