Skills
skills/geoly-ai/geo-skills/geo-schema-gen/Gen Agent Trust Hub

geo-schema-gen

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill performs network operations to external, non-whitelisted domains.
  • The scripts scripts/batch_generate.py and scripts/generate_schema.py use the requests library to fetch content from arbitrary URLs provided by the user or found in sitemaps.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting untrusted data from the web.
  • Ingestion points: The scripts scripts/batch_generate.py and scripts/generate_schema.py fetch and parse HTML content from external websites.
  • Boundary markers: Absent. The scripts extract text directly from HTML elements (like <h1>, <title>, and <meta> tags) and place them into structured JSON fields without delimiters or "ignore" instructions.
  • Capability inventory: The skill has network-read capabilities and writes the generated JSON-LD files to the local file system.
  • Sanitization: Absent. There is no validation or sanitization of the strings extracted from external web pages before they are returned to the agent context.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 5, 2026, 02:33 AM