seo-plan
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a vulnerability surface for indirect prompt injection through its data ingestion practices.
- Ingestion points: Untrusted data enters the agent context when the skill uses the WebFetch tool to analyze competitor websites or when it uses DataForSEO tools to retrieve external intelligence (documented in SKILL.md).
- Boundary markers: The instructions lack explicit delimiters or "ignore embedded instructions" warnings to separate fetched web content from the agent's primary instructions.
- Capability inventory: The skill has access to high-privilege tools including Bash, Write, and WebFetch (listed in allowed-tools), which could be leveraged if the agent obeys malicious instructions embedded in a processed website.
- Sanitization: No sanitization, filtering, or validation logic is defined for the content retrieved from external URLs.
Audit Metadata