seo-audit

Fail

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: HIGH
CREDENTIALS_UNSAFE, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The file context7.json contains a hardcoded public key (pk_Qqf4kENGcgSleLFE3J8jT) which follows the naming convention of a Stripe API key.
  • [DATA_EXFILTRATION]: The skill contains a security audit rule in src/rules/security/leaked-secrets.ts that identifies and extracts secrets such as AWS keys, GitHub tokens, and private keys from the audited website's HTML and JavaScript. While intended for security auditing, this functionality facilitates the collection of sensitive credentials from analyzed targets into the AI's context and chat history.
  • [EXTERNAL_DOWNLOADS]: The skill uses the playwright (v1.49.1) library which typically performs external downloads of browser binaries (Chromium, etc.) during setup or execution.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it fetches and processes untrusted content from external websites.
      • Ingestion points: src/crawler/fetcher.ts and src/crawler/crawler.ts fetch external HTML content.
      • Boundary markers: The skill uses XML tagging in src/reporters/llm-reporter.ts to separate results, but these markers can be confused by malicious instructions within the site's content.
      • Capability inventory: The skill allows execution of Bash commands via the seomator CLI.
      • Sanitization: Basic XML escaping is performed in src/reporters/llm-reporter.ts via the escapeXml function.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 5, 2026, 01:46 PM