geo-optimizer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (SAFE): The skill processes external web content and text provided by the user to perform SEO-like audits. While this involves ingesting untrusted data, the processing is limited to calculating metrics (hedge density, HTML size) and generating technical reports, which does not pose a prompt injection risk in this context.
- [Data Exposure & Exfiltration] (SAFE): The skill uses network operations (curl) to check server response headers (Content-Length). This is a benign activity required for its primary purpose of checking HTML size budgets and is not associated with data exfiltration.
- [Command Execution] (SAFE): The skill documentation references local Python scripts within the skill's own directory. These scripts are invoked for auditing and generation tasks, which is standard behavior for an AI agent skill and does not involve arbitrary or unsafe command execution.
Audit Metadata