SEO Writer

The skill consists of a README.md, SKILL.md, and _meta.json file. All files were thoroughly reviewed for malicious patterns across all 9 threat categories.

1. Prompt Injection: No patterns indicative of prompt injection (e.g., 'IMPORTANT: Ignore', 'Override', 'jailbreak' instructions) were found in SKILL.md or README.md. The instructions are focused on guiding the AI's content generation process.
2. Data Exfiltration: No commands or instructions for accessing sensitive file paths (e.g., ~/.aws/credentials, ~/.ssh/id_rsa) or performing network operations (e.g., curl, wget, fetch) were found in any of the files.
3. Obfuscation: No obfuscation techniques such as Base64 encoding, zero-width characters, Unicode homoglyphs, or URL/hex/HTML encoding were detected in any part of the skill files.
4. Unverifiable Dependencies: The skill itself does not instruct the AI to install any external packages (e.g., npm install, pip install) or download scripts. The clawhub install commands listed in SKILL.md are examples for the user to install other skills, not dependencies for this skill. The URLs provided (e.g., https://afrexai-cto.github.io/context-packs/, https://github.com/openclaw/skills/commit/...) are informational links or references to other resources, not instructions for the skill to fetch or execute code.
5. Privilege Escalation: No commands or instructions that would attempt to escalate privileges (e.g., sudo, chmod +x, chmod 777) were found.
6. Persistence Mechanisms: No instructions for creating persistence mechanisms (e.g., modifying .bashrc, creating cron jobs) were found.
7. Metadata Poisoning: The _meta.json file and the YAML front matter in SKILL.md contain standard, benign metadata. No malicious instructions were embedded in these fields.
8. Indirect Prompt Injection: While any generative AI skill can be susceptible to indirect prompt injection if it processes untrusted external content, this skill primarily takes direct user input for its parameters (keyword, audience, tone). It does not process external documents, emails, or web pages, thus mitigating this specific vector.
9. Time-Delayed / Conditional Attacks: No conditional logic based on time, usage, or environment variables that could trigger malicious behavior was found.

Conclusion: This skill is a purely descriptive, natural-language instruction set for an AI. It contains no executable components, making it safe to use.