algo-seo-backlink

Warn

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill's reference documentation in references/toxicity-scoring.md suggests a 'quick shell method' using the dig utility (e.g., dig +short example.com | awk ...) to analyze domain IP C-blocks. If the AI agent automates this analysis by executing these commands on data sourced from untrusted backlink exports, it introduces a risk of command injection if domain names contain shell metacharacters.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to its core function of ingesting and analyzing third-party SEO reports.
      • Ingestion points: External backlink data exports from Ahrefs, Moz, or Search Console as described in SKILL.md (Phase 1) and references/competitor-gap.md (Step 1).
      • Boundary markers: Absent; the skill does not define delimiters or provide instructions to the agent to ignore potentially malicious content within the analyzed data fields.
      • Capability inventory: The skill performs complex data scoring and identifies 'toxic' links, and suggested methodologies include shell utility usage (dig).
      • Sanitization: There is no mention of input validation or escaping for the external data (such as anchor text or referring domains) before it is processed or used in analysis steps.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 10, 2026, 07:10 AM