seo

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). SKILL.md's orchestration explicitly requires fetching and parsing arbitrary public URLs (Step 2 — "read_url_content(url)" and scripts like scripts/fetch_page.py, parse_html.py, broken_links.py, pagespeed.py, capture_screenshot.py, and various GitHub API scripts) and states the LLM must read and synthesize that page/repo content as primary evidence for audits and follow-up actions, so the agent will ingest untrusted third‑party content that can materially influence tool use and decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The README/installation steps include commands that fetch and execute remote scripts (e.g., git clone https://github.com/Bhanunamikaze/Agentic-SEO-Skill.git followed by running install.sh, and curl -fsSL https://raw.githubusercontent.com/Bhanunamikaze/Agentic-SEO-Skill/main/install.sh | bash), which clearly downloads and executes external code the skill depends on at install/runtime.