seo-analyzer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) as it retrieves and processes raw HTML content from external websites via the agent-browser tool. \n
- Ingestion points: Untrusted data enters via
agent-browser get sourceand is saved to/tmp/target_page.html. \n - Boundary markers: Absent. There are no delimiters or instructions to the agent to ignore embedded instructions within the fetched content. \n
- Capability inventory: The skill executes local Python scripts and manages browser interactions. \n
- Sanitization: Absent. No evidence of HTML sanitization or prompt escaping is present in the workflow. \n- [COMMAND_EXECUTION] (SAFE): The skill uses command-line operations (e.g.,
python,agent-browser) to perform its intended tasks. These executions are transparent and do not involve privilege escalation or obfuscated logic.
Audit Metadata