search-visibility-optimizer
Warn
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill's workflow in SKILL.md executes local Python scripts by interpolating user-provided variables such as {domain} and {url} directly into shell commands. This creates a potential command injection vulnerability if the inputs contain shell metacharacters.
- [CREDENTIALS_UNSAFE]: The skill asks for a user's OpenAI API key and passes it as a command-line argument (--api-key {KEY}) to the discovery script. Credentials passed in this manner may be exposed in process lists or system logs.
- [EXTERNAL_DOWNLOADS]: The skill uses a web fetching tool to download HTML and configuration files from user-specified external URLs for analysis. While this is the intended use, it involves interacting with unknown remote entities.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted content from external websites.
  - Ingestion points: Scraped HTML content from the target URL (Step 3a).
  - Boundary markers: None used when passing the parsed data to the agent for scoring or fix generation.
  - Capability inventory: The skill generates JSON-LD schema, robots.txt fixes, and content rewrites (Step 6).
  - Sanitization: No sanitization or filtering is applied to the external content before it is processed by the agent to generate output.
Audit Metadata