seo-autopilot
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (LOW): The skill utilizes the exec tool to run a bash script (scripts/run.sh). The script is considered low risk because it includes a hardcoded allowlist that validates the site argument, effectively preventing arbitrary command injection.
- PROMPT_INJECTION (LOW): The skill has a surface for indirect prompt injection through external data processing. 1. Ingestion points: The agent reads the output of the seo-autopilot command (via scripts/run.sh) and the contents of SEO_REPORT.md. 2. Boundary markers: No delimiters or protective instructions are used to isolate untrusted content from the agent. 3. Capability inventory: The skill has access to the exec tool for running system commands. 4. Sanitization: No sanitization or filtering is performed on the command output or the report file content before it is processed by the agent.
Audit Metadata