seo-optimizer
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by processing external HTML content.
- Ingestion points: The
scripts/seo_analyzer.pyscript parses local HTML files (e.g.,index.html) to extract metadata and headings. - Boundary markers: The skill does not use specific delimiters or instructions to ignore potential commands within the extracted HTML content when generating the analysis report.
- Capability inventory: The skill executes local scripts via shell commands and reads/writes files within the project directory.
- Sanitization: There is no evidence of sanitization or escaping of the text extracted from HTML tags (such as title or H1 tags) before it is presented to the agent in the analysis workflow.
Audit Metadata