technical-seo-specialist
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill possesses a tool output poisoning surface (Category 8c) as it processes content from untrusted external URLs. * Ingestion points: Untrusted website data enters the system through the
scripts/seo-audit.pycrawling script. * Boundary markers: There are no specified delimiters or 'ignore' instructions for the agent when processing script output. * Capability inventory: The skill can execute Python scripts, perform network requests to crawl sites, and create files (e.g.,report.json). * Sanitization: No evidence of sanitization or content filtering is provided in the documentation or guides. - Command Execution (SAFE): The use of a local Python script for SEO diagnostics is a standard function for this skill and is used for its primary stated purpose. Note: The source code for
scripts/seo-audit.pyand the main instructions inSKILL.mdwere not provided in the analysis set.
Audit Metadata