geo-content-optimizer
Warn
Audited by Snyk on Apr 28, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill explicitly accepts content or a URL ("Optimize this content for GEO/AI citations: [content or URL]") and its required workflow (SKILL.md Step 2 "Analyze Current Content" plus references/ai-overview-recovery.md Phase 1.2 describing incognito/SERP checks and competitor page analysis) requires fetching and interpreting public web pages/serp/competitor content, which are untrusted third‑party sources that can influence decisions and next actions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The skill explicitly states it "Reads" and "MUST consult" external docs at runtime (e.g., https://github.com/aaron-he-zhu/seo-geo-claude-skills/blob/main/CLAUDE.md), meaning the agent will fetch that GitHub content to populate prompts/instructions and the skill treats it as a required dependency.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata