seo-audit
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection Surface: The skill ingests data from external URLs and competitor sites to perform benchmarking and audits. (1) Ingestion points: External website content and competitor pages (SKILL.md). (2) Boundary markers: The skill does not explicitly define markers to separate ingested content from its internal logic, though it primarily extracts SEO-related metadata. (3) Capability inventory: The skill uses web search and MCP-connected SEO tools to gather metrics and ranking data. (4) Sanitization: No specific sanitization of external HTML or content is described, which is common for analysis-oriented skills.
- Tool Integration: The skill describes the use of MCP connectors to interact with third-party SEO platforms such as Ahrefs or Semrush. This is an intended feature for providing data-driven SEO audits and does not represent a security risk when used with trusted services.
- Reporting Logic: The skill generates structured reports, tables, and action plans based on its analysis, adhering to established digital marketing practices without attempting unauthorized command execution or data exfiltration.
Audit Metadata