seo-mastery
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill relies heavily on shell commands including `curl`, `grep`, `sed`, and `jq` to perform site audits. While these are standard tools, they execute with the agent's shell privileges.
- [EXTERNAL_DOWNLOADS] (LOW): The skill uses `npx lighthouse` and `npx puppeteer` to perform performance and rendering audits.
  - Evidence: `audit-workflow.md` and `technical-seo.md` both contain `npx` commands.
  - Trusted Source: `lighthouse` and `puppeteer` are maintained by Google/Chrome, qualifying as trusted under [TRUST-SCOPE-RULE], which keeps this finding at LOW severity.
- [PROMPT_INJECTION] (MEDIUM): This finding specifically addresses Category 8: Indirect Prompt Injection.
  - Ingestion points: `audit-workflow.md` (multiple locations, e.g., lines 27, 43, 85) uses `curl` to fetch content from user-provided or external URLs.
  - Boundary markers: Absent. Content is fetched and piped directly to text processing tools without delimiters or instructions to ignore embedded commands.
  - Capability inventory: The agent can execute shell commands, run Node.js tools, and write files to the local system (`--output-path=./report.json`).
  - Sanitization: None. The skill does not sanitize or escape the HTML/metadata content fetched from external sites.
  - Risk: A malicious website being audited could contain instructions (e.g., in HTML comments or meta tags) designed to hijack the agent's logic during the audit process.
Audit Metadata