seo-article-gen
Warn
Audited by Gen Agent Trust Hub on Feb 14, 2026
Risk Level: MEDIUMNO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE] (MEDIUM): The primary entry point 'index.js' referenced in 'package.json' and 'test.js' is absent from the skill package. This renders the skill non-functional and suggests the actual logic is either missing or intended to be dynamically fetched, which cannot be verified.\n- [PROMPT_INJECTION] (MEDIUM): The skill exhibits an Indirect Prompt Injection (Category 8) vulnerability surface due to its data processing model.\n
- Ingestion points: User-provided 'keyword' and 'seed' strings, and untrusted external web content via the 'analyzeCompetitors' function.\n
- Boundary markers: The documentation and configuration files show no evidence of delimiters or 'ignore embedded instructions' warnings for the LLM.\n
- Capability inventory: The skill is designed to retrieve external web data and generate articles for publication, which could be used to influence the agent or the final reader.\n
- Sanitization: No sanitization or validation logic is present to prevent instructions embedded in keywords or competitor pages from hijacking the generation process.
Audit Metadata