geo-llms-txt
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The
generate_llms_txt.pyscript uses therequestslibrary to fetch content from user-provided URLs and sitemap files. This is the primary function of the tool and is used to gather metadata. - [COMMAND_EXECUTION]: The skill's documentation guides the user to execute local Python scripts (
scripts/generate_llms_txt.pyandscripts/validate_llms_txt.py) via the command line to perform website analysis and file validation. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8).
- Ingestion points: The
generate_llms_txt.pyscript fetches HTML content from external websites and sitemaps provided by the user. - Boundary markers: The script does not utilize boundary markers or explicit instructions to the AI agent to disregard embedded commands when it processes the generated llms.txt file.
- Capability inventory: The skill uses
requests.getfor network access and writes the generated content to a local file. It does not perform subprocess execution or evaluate code based on the ingested data. - Sanitization: The script extracts content from specific HTML tags (
title,meta,h1,p). While it parses the HTML structure, it does not sanitize the text content for malicious instructions that could influence an AI agent reading the output.
Audit Metadata