skills/adobe/skills/heading-optimizer/Gen Agent Trust Hub

heading-optimizer

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches external content from Adobe Experience Manager (AEM) Edge Delivery Services pages, such as .plain.html variants and query-index.json, for heading extraction and analysis. This behavior is restricted to user-provided domains via explicit safety instructions.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it processes data from external websites. Ingestion points: External content from URLs provided by the user (SKILL.md, Step 1). Boundary markers: The 'External Content Safety' section (SKILL.md) provides explicit instructions to treat all fetched content as untrusted input. Capability inventory: The agent fetches web content to perform SEO auditing and generates suggestions. Sanitization: The skill contains clear directives not to execute scripts or interpret dynamic content from fetched pages.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 14, 2026, 11:50 PM
Security Audit — agent-trust-hub — heading-optimizer