seo-audit
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local Python scripts to perform core functions including data fetching, authentication checks, and reporting. Evidence: references to scripts/fetch_page.py, scripts/google_auth.py, scripts/backlinks_auth.py, scripts/drift_history.py, and scripts/google_report.py in SKILL.md.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection by ingesting data from external URLs.
- Ingestion points: The skill fetches the homepage and crawls up to 500 pages using scripts/fetch_page.py.
- Boundary markers: Absent; there are no explicit instructions to ignore embedded commands or use delimiters for the fetched HTML.
- Capability inventory: The skill can execute local Python scripts and delegate tasks to numerous specialized sub-agents.
- Sanitization: The instructions do not specify any validation or sanitization for the ingested web content.
- [EXTERNAL_DOWNLOADS]: The skill performs automated crawling and fetching of external website content for audit purposes. Evidence: The audit process involves fetching page HTML from user-provided URLs via scripts/fetch_page.py.
Audit Metadata