seo-article-writing
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection. The keyword research phase involves a subagent that retrieves and analyzes content from top competitor URLs. Maliciously crafted content on those external websites could attempt to influence the Article Writer's instructions.
  - Ingestion points: External competitor URLs and web search data processed by the Keyword Research subagent (see SKILL.md).
  - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the Article Writer subagent prompt.
  - Capability inventory: The skill is designed to write content directly to the local filesystem in MDX format.
  - Sanitization: No sanitization or filtering of external research data is implemented before interpolation into the writing prompt.
- [COMMAND_EXECUTION]: Includes a setup script (assets/scripts/setup-blog.sh) used for project scaffolding. It performs directory creation and file copying from the skill's assets to the target project path.
- [EXTERNAL_DOWNLOADS]: References and utilizes several well-known Node.js libraries and frameworks, such as @napi-rs/canvas for image generation, @tanstack/react-router for navigation, and @next/mdx for content rendering.
Audit Metadata