seo-audit
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it instructs the agent to ingest and analyze untrusted data from external websites.
- Ingestion points: Web content is retrieved via
web_fetchorcurlbased on user-provided URLs to perform the SEO audit as described inSKILL.md. - Boundary markers: The instructions do not include specific delimiters or 'ignore embedded instructions' warnings for the data being processed.
- Capability inventory: The skill leverages the agent's web-fetching and text-analysis capabilities to perform audits, though it does not include its own executable scripts.
- Sanitization: There are no instructions for sanitizing or validating the fetched HTML content to prevent malicious instructions embedded in metadata or comments from influencing the agent's behavior.
- [SAFE]: All external references (Google Search Console, PageSpeed Insights, Rich Results Test) are well-known, trusted services.
- [SAFE]: The skill consists entirely of Markdown documentation and contains no executable scripts, hardcoded credentials, or obfuscated content.
Audit Metadata