meta-tags-optimizer
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious code, data exfiltration patterns, or unauthorized command executions were detected within the skill's instructions or referenced files. The skill's primary function of writing to local memory files (e.g.,
memory/content/,memory/hot-cache.md) is a standard practice for maintaining session state. - [PROMPT_INJECTION]: The skill ingests untrusted data in the form of user-provided page content and URLs for SEO analysis. While this represents a potential surface for indirect prompt injection, it is managed as follows:
- Ingestion points: Page URL and content provided as arguments in
SKILL.md. - Boundary markers: None identified; instructions do not explicitly define delimiters for untrusted content.
- Capability inventory: Restricted to text generation and local filesystem writes to the
memory/directory. No tools for network exfiltration or subprocess execution are utilized in the provided files. - Sanitization: No explicit validation or filtering of input content is performed.
- Assessment: This surface is intrinsic to the skill's purpose, and no active exploitation patterns were found.
- [EXTERNAL_DOWNLOADS]: All external URL references target the author's own official GitHub repository for documentation, state models, and HTML code templates. These references are used for configuration and guidance purposes and do not involve the execution of untrusted remote code.
- [COMMAND_EXECUTION]: The skill does not contain instructions for executing shell commands, modifying system configurations, or implementing persistence mechanisms.
Audit Metadata