wordpress-seo
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted HTML content from external files. An attacker could potentially embed malicious instructions within a WordPress post that might influence the behavior of an agent using this skill.
- Ingestion points: Content is read from local files in 'scripts/calculate_readability.py' and 'scripts/generate_metadata.py'.
- Boundary markers: Absent. The scripts do not implement delimiters or instructions to the agent to disregard embedded content.
- Capability inventory: The skill is limited to local file reading and writing. No network access, subprocess execution, or dynamic code evaluation was found in the provided files (note: 'scripts/optimize_content.py' is referenced but not provided).
- Sanitization: Content processing relies on basic regex and HTML parsing, which is insufficient to filter out injected instructions.