claude-seo

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • [SAFE]: The skill documentation is well-structured and focuses on legitimate SEO workflows. It includes detailed quality gates for programmatic content and refers to industry-standard documentation from Google, schema.org, and ISO.
  • [COMMAND_EXECUTION]: The skill utilizes a local script scripts/fetch_page.py to retrieve HTML data from target websites. This is a primary functional requirement for an SEO auditor and is restricted to the local filesystem context.
  • [PROMPT_INJECTION]: The skill's core functionality of crawling external websites creates an attack surface for indirect prompt injection.
      1. Ingestion points: HTML content retrieved via scripts/fetch_page.py.
      2. Boundary markers: None explicitly defined in the instruction files.
      3. Capability inventory: Execution of local scripts, report generation (file-write), and network operations for site crawling.
      4. Sanitization: No explicit sanitization or filtering logic is provided for the parsed HTML content.
  • [DATA_EXFILTRATION]: Network activity is performed by the crawler to access public web content and optionally communicate with DataForSEO APIs. These operations are consistent with the skill's purpose and do not target sensitive local user credentials or private configuration files.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 4, 2026, 01:18 PM