programmatic-seo-spy
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted content from competitor websites, presenting an indirect prompt injection surface. 1. Ingestion points: Data is ingested via
site-content-catalogandfetch_webpagetools. 2. Boundary markers: No explicit delimiters or ignore instructions are provided for external content. 3. Capability inventory: The agent can execute shell commands, perform web searches, and write files. 4. Sanitization: No sanitization of crawled content is specified. - [COMMAND_EXECUTION]: The skill executes local Python scripts to perform core crawling and analysis functions. Evidence: The skill invokes
python3 skills/site-content-catalog/scripts/catalog_site.py --url "<competitor_url>" --output jsonusing user-supplied URLs.
Audit Metadata