seo-optimizer

Warn

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script audit.py executes system-level commands using subprocess.run. It specifically invokes docker exec to perform database queries and curl to fetch data from the WordPress REST API.
  • [CREDENTIALS_UNSAFE]: The script audit.py contains hardcoded database credentials (DB_USER="wordpress", DB_PASS="wordpress") used to access the WordPress database container.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection and data-driven attacks through the processing of untrusted external data.
      ◦ Ingestion points: Data is fetched from potentially untrusted WordPress REST API endpoints in audit.py (functions get_all_pages and get_all_posts).
      ◦ Boundary markers: No delimiters or instructions are used to separate untrusted API data from the agent's logic.
      ◦ Capability inventory: The skill possesses the ability to execute shell commands (docker, curl) and perform raw SQL queries.
      ◦ Sanitization: The script lacks sanitization for fields like post_id before they are interpolated into SQL strings in get_yoast_meta and get_media_info, creating a SQL injection surface if the API response is compromised.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Mar 10, 2026, 01:39 AM