seo-geo
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted HTML content from external URLs, creating a vulnerability for indirect prompt injection where malicious instructions embedded in a website could attempt to hijack the agent's logic.
  - Ingestion points: Website content is ingested via `scripts/seo_audit.py` and `curl` commands in `SKILL.md`.
  - Boundary markers: The skill does not provide delimiters or system instructions to the agent to treat external content as data rather than instructions.
  - Capability inventory: The agent is granted `Read`, `Write`, and `WebSearch` tools, and can execute local Python scripts.
  - Sanitization: No sanitization is performed on the fetched content beyond basic regular expression extraction of meta tags.
- [COMMAND_EXECUTION]: The skill relies on the execution of local processes, specifically a Python script (`scripts/seo_audit.py`) and common CLI utilities (`curl`, `grep`, `open`) to perform technical analysis and display results.
Audit Metadata