skills/adobe/skills/product-page-seo/Gen Agent Trust Hub

product-page-seo

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches external HTML content from user-provided URLs for the purpose of SEO auditing. It includes a dedicated 'External Content Safety' section that provides clear constraints, such as only fetching explicitly provided URLs and not following redirects to unauthorized domains.
  • [COMMAND_EXECUTION]: The skill utilizes standard command-line utilities (curl and grep) to retrieve and inspect public metadata like meta tags and JSON-LD structured data. These operations are transparent, limited in scope, and consistent with the skill's stated SEO auditing purpose.
  • [PROMPT_INJECTION]: The skill processes untrusted external HTML data, which represents an indirect prompt injection surface. Ingestion points: HTML content retrieved via curl in SKILL.md. Boundary markers: A dedicated safety section explicitly instructs the agent to ignore any embedded instructions and treat fetched content as untrusted input. Capability inventory: The skill uses curl and grep to process the data but does not pass it to high-risk sinks like eval or system shells. Sanitization: Instructions specifically mandate that the agent must not execute scripts or interpret dynamic content from the fetched pages.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 14, 2026, 11:50 PM
Security Audit — agent-trust-hub — product-page-seo