The Agent Skills Directory

[INDIRECT_PROMPT_INJECTION]: The skill processes untrusted content from external websites via web fetching tools, creating a potential surface for indirect prompt injection. This is an inherent risk for tools that analyze external web data. Ingestion points: Website HTML fetched from user-provided URLs via web_fetch or curl. Boundary markers: None specified in the instructions. Capability inventory: Network access and browser JavaScript execution. Sanitization: No explicit sanitization of fetched content is performed.
[DYNAMIC_EXECUTION]: The skill recommends using a browser tool to execute specific JavaScript commands (document.querySelectorAll) for detecting schema markup. This execution is limited to data extraction within a browser environment and is a standard procedure for technical SEO analysis.
[DATA_EXPOSURE_AND_EXFILTRATION]: The skill is designed to read a specific local file (.claude/product-marketing-context.md) to incorporate business context into its analysis. This is a targeted read of a non-sensitive configuration file intended for the agent's personalization and does not involve access to protected system credentials or user secrets.

seo-audit