Skills
skills/skillssh/skills/seo-content-brief/Gen Agent Trust Hub

seo-content-brief

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the infsh CLI to run external apps for search and extraction. This is restricted by the allowed-tools frontmatter configuration.
  • [EXTERNAL_DOWNLOADS]: The skill references a CLI installation script hosted on the author's GitHub repository (inference-sh/skills).
  • [DATA_EXFILTRATION]: Research queries and URL content are transmitted to the inference.sh platform and its integrated services (Tavily, Exa) for processing.
  • [PROMPT_INJECTION]: The skill processes untrusted content from the web, creating a surface for indirect prompt injection. Ingestion points: Web content from tavily/extract and search results from tavily/search-assistant. Boundary markers: None present in the instructions to prevent the agent from obeying embedded instructions. Capability inventory: Execution of the infsh CLI tool. Sanitization: No sanitization of the external content is performed before it is used to generate the content brief.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 16, 2026, 07:30 PM