seo-technical-sitemap
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill serves as a technical guidance template for SEO tasks. It provides instructions on sitemap protocols, field requirements, and architecture without incorporating executable scripts, network operations, or privileged commands.\n- [PROMPT_INJECTION]: The skill defines a surface for indirect prompt injection by instructing the agent to gather site context from local project files.\n
- Ingestion points: Reads site URL and architecture data from
.claude/product-marketing-context.md,.cursor/product-marketing-context.md, and other project configuration files (e.g.,site-pages-config.ts).\n - Boundary markers: The skill lacks explicit delimiters or instructions to ignore potential commands embedded within the processed marketing or configuration files.\n
- Capability inventory: The skill's capabilities are limited to the generation of structured text (XML) and configuration code. No subprocess, network, or file-system writing capabilities are defined in the skill.\n
- Sanitization: There are no instructions for sanitizing or validating the data retrieved from external project files before it is processed by the agent into sitemap output.
Audit Metadata