Skills
skills/indranilbanerjee/digital-marketing-pro/local-seo-audit/Gen Agent Trust Hub

local-seo-audit

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Python script scripts/local-seo-checker.py through the shell to perform NAP and GBP checks.
  • [COMMAND_EXECUTION]: User-provided data for 'Industry' and 'NAP' details are interpolated directly into the command-line arguments for the Python script execution.
  • Ingestion points: User-supplied business name, address, phone number, and industry name in SKILL.md.
  • Boundary markers: None present to isolate user input from the shell command.
  • Capability inventory: The skill uses python "scripts/local-seo-checker.py" --nap '...' --industry {industry} which allows for arbitrary shell command execution if the input is malicious.
  • Sanitization: No evidence of input validation or escaping for the {industry} or NAP variables is provided in the instructions.
  • [COMMAND_EXECUTION]: The skill accesses files in the user's home directory (e.g., ~/.claude-marketing/brands/{slug}/profile.json) using a dynamically constructed path based on an active brand slug.
Audit Metadata
Risk Level
SAFE
Analyzed
May 9, 2026, 12:17 AM