content-semantics

Fail

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: HIGH (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: Multiple instructions in SKILL.md and references/ssr-strategies.md prompt the agent to run command-line tools like curl, grep, sed, and tr to inspect page content.
  • [EXTERNAL_DOWNLOADS]: The skill fetches HTML from external URLs using curl to evaluate server-side rendering and heading hierarchy.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its analysis of external website content. An attacker-controlled website could contain malicious instructions designed to mislead the agent during its audit.
    • Ingestion points: curl commands in SKILL.md and references/ssr-strategies.md fetch content from arbitrary user-provided URLs.
    • Boundary markers: None are specified; the agent is expected to process the raw output of the commands.
    • Capability inventory: The skill utilizes network requests (curl) and local text processing utilities (grep, sed, tr, wc, head).
    • Sanitization: No sanitization or filtering logic is present in the provided instructions.
Recommendations
  • HIGH: Downloads and executes remote code from: https://example.com - DO NOT USE without thorough review
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 11, 2026, 03:38 AM