programmatic-seo
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection vulnerability surface detected via untrusted data processing.
- Ingestion points: External URLs, data source files (CSV/JSON), and API endpoints provided in the input (SKILL.md).
- Boundary markers: No delimiters or 'ignore' instructions are specified to separate untrusted data from system instructions.
- Capability inventory: The skill utilizes referenced scripts (tech-seo-auditor.py, content-scorer.py, competitor-scraper.py) to perform network operations and data analysis.
- Sanitization: There is no documented evidence of input validation or sanitization for external content.
- [DATA_EXFILTRATION]: The skill instructions explicitly direct the agent to read sensitive configuration and brand profile data from the user's home directory (e.g., ~/.claude-marketing/brands/_active-brand.json). While scoped to an application-specific folder, this involves local file system access that could lead to data exposure if manipulated.
- [COMMAND_EXECUTION]: The skill references several Python scripts (tech-seo-auditor.py, content-scorer.py, competitor-scraper.py) to automate technical audits and scraping. Although the scripts were not provided for analysis, their execution on local data and network-derived content is a primary function of the skill.
Audit Metadata