seo-domain-analyzer
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches SEO data and keyword rankings from well-known services including Apify, Google, and SimilarWeb.
- [COMMAND_EXECUTION]: The skill executes a Python script to orchestrate API calls, process metrics, and write JSON/Markdown reports to specified local paths.
- [PROMPT_INJECTION]: The skill ingests untrusted data from external web scrapers (Semrush and Ahrefs public pages) which is then used to generate reports. This presents a potential surface for indirect prompt injection if malicious content is embedded in the scraped page titles or descriptions.
  - Ingestion points: scripts/analyze_domain.py via run_apify_actor and requests.get.
  - Boundary markers: Absent; scraped content is interpolated directly into report structures.
  - Capability inventory: File-system write access via --output and --markdown arguments, and network access to well-known domains.
  - Sanitization: No explicit sanitization or filtering of scraped strings before output generation.
Audit Metadata