geo-aeo-optimizer
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted data from audited websites. Ingestion points: Website metadata and headings are extracted by
scripts/analyze_page.py. Boundary markers: The prompts inscripts/discover_competitors.pydo not utilize delimiters to isolate website-provided text. Capability inventory: The skill can fetch arbitrary URLs and call the OpenAI API. Sanitization: Metadata is used in prompts without sanitization or escaping. - [COMMAND_EXECUTION]: The workflow executes local Python scripts with parameters derived from user input, including brand names, URLs, and OpenAI API keys. This poses a potential command injection risk if the agent's shell execution environment does not properly sanitize arguments.
Audit Metadata