Skills
skills/luongnv89/skills/seo-ai-optimizer/Gen Agent Trust Hub

seo-ai-optimizer

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Python script (scripts/audit_seo.py) to perform the audit. This is a standard and necessary function for the skill's operation and occurs with the user's knowledge.
  • [DATA_EXPOSURE_AND_EXFILTRATION]: The audit script reads local HTML and template files to extract SEO metadata. This data is processed locally and output to the agent's context. No network operations or external data transmissions were found in the provided code.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data by reading HTML and template files from the user's project.
  • Ingestion points: scripts/audit_seo.py reads content from files matching common web extensions (e.g., .html, .vue, .astro).
  • Boundary markers: The agent is instructed to present findings for review before taking action, providing a human-in-the-loop checkpoint.
  • Capability inventory: The agent has file-writing capabilities to implement fixes and execution rights for the audit script.
  • Sanitization: The script uses the standard HTMLParser to extract specific tags (meta, title, script), which limits the exposure to arbitrary content within the files. The risk is low and inherent to the skill's purpose of auditing codebases.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 12, 2026, 12:24 AM