dfs-keyword-research
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the global installation of the 'data-4-seo-cli' package from the NPM registry. This is a third-party dependency needed for the skill to function.
- [COMMAND_EXECUTION]: The skill operates by executing shell commands via the 'dfs' CLI to fetch and process SEO data.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted data from external sources.
- Ingestion points: Content from external websites and search engine result pages (SERPs) is retrieved via the 'dfs content' and 'dfs serp' commands and provided to the agent.
- Boundary markers: The instructions do not specify any delimiters or safety markers to differentiate between external content and system instructions.
- Capability inventory: The agent has the capability to execute CLI commands and perform shell operations based on processed data.
- Sanitization: No sanitization or filtering of the fetched external content is described or implemented within the skill instructions.
Audit Metadata