Skills
skills/inference-shell/skills/seo-content-brief/Gen Agent Trust Hub

seo-content-brief

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection through the processing of untrusted external data.
  • Ingestion points: The skill uses the infsh app run tavily/extract command to fetch and process content from external URLs in SKILL.md.
  • Boundary markers: No delimiters or protective instructions are provided to prevent the agent from following commands embedded in the external content.
  • Capability inventory: The skill utilizes the infsh CLI for searching, extraction, and generating images via the Bash tool.
  • Sanitization: No content sanitization or validation steps are defined for the extracted data.
  • [COMMAND_EXECUTION]: The skill uses the infsh (inference.sh) CLI to execute various search and research applications. These tools are provided by the skill's author, inference-shell, and are used to interact with search engines and content extraction services.
  • [EXTERNAL_DOWNLOADS]: The documentation suggests fetching additional skills from the inference-sh organization using npx skills add, which facilitates the download of external code to extend the agent's capabilities.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 10, 2026, 09:29 PM