seo-technical-audit
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION] (LOW): The skill executes network requests to domains not on the whitelist, specifically api.ssllabs.com and webpagetest.org. While appropriate for SEO, these are unverified external endpoints.
- [PROMPT_INJECTION] (LOW): The skill processes untrusted web data, creating an indirect injection surface. Evidence: 1. Ingestion: Website content fetched via curl. 2. Boundary markers: Absent. 3. Capability inventory: curl, grep, and Python-based parsing scripts. 4. Sanitization: Structural extraction using BeautifulSoup.
- [COMMAND_EXECUTION] (SAFE): Curl and grep are used for legitimate technical diagnostics.
- [EXTERNAL_DOWNLOADS] (SAFE): References lighthouse and Google API clients; these are downgraded to SAFE as they originate from a trusted organization (Google).
Audit Metadata