seo-fundamentals
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions designed to override agent safety protocols or bypass constraints were found in the documentation or the audit script.
- [Data Exposure & Exfiltration] (SAFE): The script reads local file content to verify SEO metadata but does not access sensitive system paths (e.g., .ssh, .aws) and lacks network capabilities to exfiltrate data.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill does not download external packages or execute remote scripts. It relies solely on the Python standard library.
- [Indirect Prompt Injection] (SAFE): The script ingests untrusted local file data (Ingestion: file_path.read_text() in seo_checker.py). While boundary markers are absent, the script possesses no dangerous capabilities such as network access or file-writing, and it sanitizes data by returning only aggregated metrics and counts rather than raw file content, mitigating the risk of data being interpreted as instructions.
- [Dynamic Execution] (SAFE): No use of eval(), exec(), or runtime compilation was detected.
Audit Metadata