seo-optimizer
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE | PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it instructs the agent to crawl and audit external websites (Phase 1). Malicious content on these sites (e.g., hidden HTML comments or metadata) could attempt to manipulate the agent's behavior during the audit process.
  - Ingestion points: Phase 1: "Crawl the site (Screaming Frog, Sitebulb, or custom script)" involves reading data from external web pages.
  - Boundary markers: No specific boundary markers or instructions to ignore embedded commands in the crawled data are provided.
  - Capability inventory: The skill implies the agent will perform network requests to access websites and may generate reports based on the findings.
  - Sanitization: There are no instructions for the agent to sanitize or filter the content retrieved from external sites before processing it.
- [COMMAND_EXECUTION]: Phase 1 suggests using a "custom script" for crawling. This instruction may lead the agent to generate and execute its own code to perform the site audit, which is a form of dynamic execution.