seo-links

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFE (COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes several Bash scripts (link-mine.sh, link-mentions.sh, link-broken.sh, link-internal.sh, and link-prospect.sh) which the agent is instructed to execute to perform SEO analysis and data retrieval.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it fetches and processes untrusted data from the web.
    • Ingestion points: All scripts in the scripts/ directory ingest data from external sources, including page titles, descriptions, and full HTML bodies from the DataForSEO API and arbitrary web pages.
    • Boundary markers: No delimiters or boundary markers are used to separate untrusted external content from the agent's instructions in the output.
    • Capability inventory: The skill has the capability to perform network requests (curl) and parse data (jq, grep) within shell scripts.
    • Sanitization: There is no evidence of sanitization, escaping, or filtering of the retrieved web content before it is presented to the agent.
  • [DATA_EXFILTRATION]: The scripts perform network operations using curl to reach non-whitelisted domains. In particular, link-broken.sh crawls arbitrary outbound links found on external pages to check their HTTP status. This behavior presents a surface for Server-Side Request Forgery (SSRF) if the skill is used to interact with internal or restricted network resources through discovered links.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 21, 2026, 07:27 PM