seo
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Prompt Injection] (SAFE): The instructions are focused on SEO principles and do not contain markers for bypassing safety filters, overriding system instructions, or extracting system prompts.
- [Data Exposure & Exfiltration] (SAFE): The skill does not perform any network operations, access sensitive file paths (like credentials or SSH keys), or contain hardcoded secrets.
- [Remote Code Execution] (SAFE): No external scripts are downloaded, and there are no patterns involving the execution of remote content (e.g., curl | bash).
- [Command Execution] (SAFE): The skill does not invoke subprocesses, shell commands, or perform any administrative operations like privilege escalation.
- [Indirect Prompt Injection] (LOW):
- Ingestion points: The skill processes untrusted user data in the form of HTML, TSX, JSX, and Markdown files through its validation system.
- Boundary markers: None explicitly defined within the skill files to separate data from instructions.
- Capability inventory: The skill is limited to static regex validation and providing diagnostic messages. It lacks capabilities to write files, make network requests, or execute code.
- Sanitization: The skill relies on regex matching for detection but does not explicitly sanitize output. However, given its 'display only' nature for providing advice, the risk remains low.
Audit Metadata