boring-programmatic-seo
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill does not contain any instructions for remote code execution, unauthorized data access, or privilege escalation. It functions as a set of logical rules for an AI agent to process text and data.
- [DATA_EXPOSURE_AND_EXFILTRATION]: While the skill reads several files from a
world-code/directory, these are defined as 'foundation files' containing branding information (voice, method, etc.). Access is confined to the local environment, and there are no commands to transmit this data to external servers. - [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data from
world-code/*.mdfiles and user-provided data sources. - Ingestion points:
world-code/voice.md,world-code/climax.md,world-code/method.md,world-code/creation.md,world-code/conversation.md,world-code/crossing.md, and user-provided data for templates. - Boundary markers: Not present.
- Capability inventory: Text generation only; no subprocess, network, or file-writing capabilities detected.
- Sanitization: No explicit sanitization of input data is described.
- Risk: Low. The skill is designed to synthesize this information into SEO content, and without destructive capabilities, the risk of malicious injection leading to harm is negligible.
Audit Metadata