seo-content-production
Warn
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: MEDIUMREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill performs dynamic modification of the Python system path using
sys.path.insert(0, ".claude/skills/seomachine/modules")to import modules from a sibling skill directory. Additionally, it invokes external scripts usingpython3 .claude/skills/seomachine/scripts/content_brief_generator.py, which represents execution of code not contained within the skill's own package.\n- [COMMAND_EXECUTION]: The skill uses system-level commands likegrepand shell pipelines to process draft files and search through content indices (e.g.,grep -rli "topic" "Published Content/").\n- [PROMPT_INJECTION]: The workflow involves ingesting data from external sources such as theDataForSEOAPI and external research compilations. This establishes a surface for indirect prompt injection, as malicious instructions in the external data could influence the agent during the drafting process.\n - Ingestion points: External data from the
seomachineskill and Phase 3 research sources.\n - Boundary markers: None identified in the provided templates.\n
- Capability inventory: Subprocess execution for script orchestration and file system write access for generating content.\n
- Sanitization: No specific content sanitization or validation logic is documented for the ingested research data.
Audit Metadata