Skills
skills/ulpi-io/skills/browse-seo/Gen Agent Trust Hub

browse-seo

Pass

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill makes extensive use of the browse CLI via Bash to interact with target URLs, capture screenshots, and execute JavaScript for data extraction. These operations are restricted to the browser environment and are necessary for the skill's primary function of SEO auditing.
  • [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and process data from external, untrusted websites, which presents a surface for indirect prompt injection.
  • Ingestion points: Data is pulled from external URLs via commands like browse meta, browse headings, browse schema, and browse text (SKILL.md).
  • Boundary markers: There are no explicit instructions to the agent to treat the extracted website content as untrusted data or to use delimiters to separate it from instructions.
  • Capability inventory: The skill possesses the capability to execute shell commands (Bash) and read files.
  • Sanitization: The instructions do not specify any sanitization, validation, or escaping of the content retrieved from the audited websites before the agent analyzes it.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 14, 2026, 06:29 AM