Skills
skills/norahe0304-art/30x-seo/30x-seo-backlinks/Gen Agent Trust Hub

30x-seo-backlinks

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute curl commands for querying the DataForSEO API. This involves command substitution to include local authentication data.
  • [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection (Category 8).
  • Ingestion points: User-provided domain names and competitor URLs are interpolated into JSON payloads for curl commands.
  • Boundary markers: No explicit delimiters or instructions to ignore embedded instructions are present in the command templates.
  • Capability inventory: The skill has permissions for Bash execution and network access via curl.
  • Sanitization: The provided templates do not include logic for sanitizing or escaping user-provided domain inputs before shell interpolation.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 9, 2026, 02:01 AM