Skills
skills/manusco/resonance/resonance-seo/Gen Agent Trust Hub

resonance-seo

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (HIGH): The skill is explicitly instructed to ingest and process external, untrusted content from 'competitor' websites and sitemaps (e.g., in references/semantic_topical_map.md and references/seo_audit_protocol.md).
  • Ingestion points: Uses read_file and potentially run_command (for scraping) to access external data.
  • Boundary markers: There are no instructions defining clear boundaries or ignoring embedded instructions within the data being audited.
  • Capability inventory: The agent has write_file, edit_file, and run_command permissions, allowing it to modify the local codebase based on instructions found in audited data.
  • Sanitization: No evidence of sanitization or validation of the content being read before it is used to guide file edits or command execution.
  • Command Execution (MEDIUM): The skill uses run_command for SEO tasks like running npx lighthouse (references/seo_audit_checklist.md). While legitimate for the role, this provides an execution vector if the command parameters are influenced by malicious data ingested during an audit.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 12:26 PM