seo-schema
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes content from untrusted external sources.
- Ingestion points: As described in
SKILL.md, the agent scans page source code for JSON-LD, Microdata, and RDFa, which are attacker-controllable fields. - Boundary markers: The instructions do not define boundary markers or safety guidelines to ignore instructions that might be embedded within the structured data of a website.
- Capability inventory: The skill has the capability to generate and write local files, specifically
SCHEMA-REPORT.mdandgenerated-schema.json. - Sanitization: There is no mention of sanitizing or escaping the data extracted from page sources before it is processed by the agent.
Audit Metadata