seo-programmatic
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill is designed to process external structured data (CSV, JSON, APIs) and uses the WebFetch tool to audit live URLs. This creates a surface for indirect prompt injection where instructions embedded in the external data or fetched web pages could influence the agent's behavior.
  - Ingestion points: Structured data files (CSV, JSON), API endpoints, and database queries mentioned in the 'Data Source Assessment' section, as well as live URLs accessed via WebFetch in the 'Error Handling' section.
  - Boundary markers: The instructions do not specify the use of delimiters or 'ignore' instructions to isolate untrusted external content from the core instructions.
  - Capability inventory: The skill's environment includes tools such as Bash, WebFetch, Read, and Write, which increase the potential impact of an injection attack.
  - Sanitization: There are no instructions provided for validating, escaping, or sanitizing external content before it is processed by the agent.
Audit Metadata