seo-roast
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [Unverifiable Dependencies] (MEDIUM): The skill contains instructions to execute
npm install -g agent-browserif the tool is not found. Installing global packages from non-trusted registries or without version pinning is a security risk as it can lead to the execution of malicious code during the installation or usage phase. - [Indirect Prompt Injection] (LOW): The skill is designed to fetch and analyze content from arbitrary user-provided URLs, which is a significant attack surface for indirect prompt injection.
- Ingestion points: External web content is retrieved using
agent-browseror a browser MCP. - Boundary markers: Absent. The instructions do not define delimiters or provide warnings to the agent to ignore instructions embedded within the target page's content.
- Capability inventory: The agent has the ability to install global NPM packages, write local files (
report.html), and perform browser-based network operations. - Sanitization: Absent. There is no requirement to sanitize or filter the content retrieved from the web before it is processed or rendered into the final HTML report.
- [Command Execution] (LOW): The skill relies on executing CLI commands (
agent-browser) with arguments derived from external inputs (URLs). While the commands themselves are functional, they could be abused if the agent is manipulated into passing malicious flags or local file paths (e.g.,file:///) to the browser tool.
Audit Metadata