seo-optimization

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses npx lighthouse to perform performance and SEO audits. While npx can execute remote packages, lighthouse is a well-known and trusted tool maintained by Google.
  • [EXTERNAL_DOWNLOADS]: The skill utilizes curl to fetch robots.txt and sitemap.xml files from user-specified target domains for technical SEO auditing.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted data from external websites using WebFetch and WebSearch.
      * Ingestion points: External website content fetched via WebFetch and WebSearch tools.
      * Boundary markers: The instructions do not define specific delimiters or warnings to ignore instructions within the fetched web content.
      * Capability inventory: The skill has access to powerful tools including Bash, Write, and Edit.
      * Sanitization: There is no explicit sanitization or validation of the content retrieved from external URLs before processing.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Mar 30, 2026, 10:35 AM