roier-seo
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The scripts audit.js and audit-api.js ingest untrusted data from external websites and APIs, which could contain malicious instructions designed to influence the agent's subsequent behavior.
  - Ingestion points: audit.js (extracts titles, descriptions, and element snippets from audited URLs); audit-api.js (ingests data from the PageSpeed Insights API).
  - Boundary markers: Absent. The output is printed as JSON or raw text to stdout without clear delimiters or 'ignore' instructions for the agent.
  - Capability inventory: audit.js has the capability to write files to the local disk via fs.writeFileSync.
  - Sanitization: Absent. The scripts pass external content such as audit descriptions and element snippets directly through into the output.
- Data Exposure & Exfiltration (LOW): The audit.js script allows arbitrary file writing, which could be abused if an attacker influences the command-line arguments.
  - Evidence: The --save flag in audit.js uses path.resolve(save) and fs.writeFileSync without restricting the output directory, potentially allowing the overwriting of sensitive files if the agent is misdirected.
- Network Operations (LOW): audit-api.js performs network requests to googleapis.com.
  - Evidence: Uses fetch to call the PageSpeed Insights API. While the target is a reputable Google domain, it is not on the predefined internal whitelist.
Audit Metadata