metadata-optimizer

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW
PROMPT_INJECTION
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill possesses an attack surface for indirect prompt injection as it is designed to ingest and analyze untrusted project data.
      • Ingestion points: Project source files (e.g., app/**/*.tsx, pages/**/*.js) are scanned and read using Glob and Read tools.
      • Boundary markers: Absent. The instructions do not specify delimiters or warnings to ignore instructions embedded within the metadata being analyzed.
      • Capability inventory: Limited to read-only file system operations (Read, Grep, Glob). It lacks capabilities for network communication, file modification, or arbitrary command execution.
      • Sanitization: Absent. Content read from files is processed directly for SEO analysis.
      • Risk Assessment: The capability tier is 'LOW' because the processed data only influences the agent's internal reasoning and the resulting Markdown report. It cannot cause side effects outside the current chat session.
Audit Metadata
  • Risk Level: LOW
  • Analyzed: Feb 16, 2026, 02:01 AM