seo-competitor-pages
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes the WebFetch tool to access and retrieve data from external competitor URLs. While functional, this involves network requests to non-whitelisted domains.
- [PROMPT_INJECTION]: The skill processes content fetched from external websites through the WebFetch tool (SKILL.md). This creates a surface for indirect prompt injection where malicious instructions embedded in a target website could attempt to influence the agent's behavior. The skill lacks explicit boundary markers or sanitization instructions for handling this untrusted input. Capability inventory includes tool access to Bash, WebFetch, Read, Grep, and Glob.
Audit Metadata