seo-audit
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE] (SAFE): The skill consists entirely of Markdown instructions and YAML metadata. No executable code (Python, JavaScript, Shell) or binaries are included in the package.
- [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection via untrusted data inputs.
- Ingestion points: Processes site-specific context provided by the user and reads data from
.claude/product-marketing-context.md(SKILL.md). - Boundary markers: Absent. There are no delimiters or explicit instructions to treat external data as untrusted or to ignore embedded instructions.
- Capability inventory: Display and reasoning only. The skill generates text-based audit reports but lacks capabilities for file modification, network requests, or subprocess execution.
- Sanitization: Absent. There is no validation or filtering of the content retrieved from the marketing context file.
Audit Metadata