seo-aeo-diagnostics
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection (Category 8) because its core functionality involves fetching and analyzing content from external, untrusted websites.
- Ingestion points: Data is ingested from external URLs via the `web_fetch` and `browser` tools across all diagnostic sub-modules, such as `technical-foundation/SKILL.md` and `search-accessibility/SKILL.md`.
- Boundary markers: The skill lacks explicit delimiters or "ignore embedded instructions" warnings when processing the retrieved HTML or metadata, which could allow instructions hidden in a website's source code to influence the agent's behavior.
- Capability inventory: The skill uses network retrieval tools to perform its audits. It does not have access to sensitive local files, the ability to write to the file system, or arbitrary command execution capabilities.
- Sanitization: There is no evidence of sanitization, filtering, or escaping of the fetched content before it is processed by the LLM for diagnosis.
Audit Metadata