seo-geo
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [Prompt Injection] (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) because it processes untrusted data from external websites.
- Ingestion points: `scripts/seo_audit.py` and various `curl` commands in `SKILL.md` fetch and display HTML metadata (titles, descriptions, H1 tags) from arbitrary URLs.
- Boundary markers: Absent. The scripts output the extracted strings directly to the agent's context without using protective delimiters or 'ignore' instructions.
- Capability inventory: The skill has the ability to execute shell commands, interact with a paid SEO API, and open browser windows.
- Sanitization: Minimal. The script uses regex for extraction but does not sanitize the content of the tags for adversarial instructions.
- [Command Execution] (SAFE): The skill utilizes local Python scripts and standard system commands like `curl` and `grep`. These operations are well-documented in the `SKILL.md` and are necessary for the skill's primary purpose of auditing web pages.
- [External Downloads] (SAFE): Network communication is directed to the DataForSEO API and user-provided URLs for analysis. The script `scripts/credential.py` correctly retrieves credentials from environment variables (`DATAFORSEO_LOGIN`, `DATAFORSEO_PASSWORD`) rather than hardcoding them, adhering to security best practices.
Audit Metadata