seo-schema
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFE, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill recommends installing the `@upstash/context7-mcp` package using `npx`. This involves downloading and executing code from a remote registry.
  - Evidence: Found in `SKILL.md` Step 1: `claude mcp add context7 -- npx -y @upstash/context7-mcp`. This targets a well-known service provider.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from the user's project files to generate or modify code.
  - Ingestion points: Project files and existing JSON-LD blocks are read in Step 4 and Step 5 of `SKILL.md` to infer types and validate structure.
  - Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are present during the data ingestion phase.
  - Capability inventory: The skill has the capability to write files and suggest code modifications in Step 5 and Step 6.
  - Sanitization: No explicit sanitization or validation of the ingested content is described before it is used to influence the agent's generation or modification of code.
Audit Metadata