seo-dataforseo
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is instructed to execute local Python scripts (scripts/dataforseo_costs.py) to perform cost estimation and logging for API usage. It also provides a shell command for the user to install the required extension (./extensions/dataforseo/install.sh).
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection attack surface (Category 8).
  - Ingestion points: The agent fetches and processes untrusted data from external sources, including website content (via on_page_content_parsing), Lighthouse audits, and ChatGPT search results (via ai_optimization_chat_gpt_scraper).
  - Boundary markers: No explicit delimiters or instructions are provided to the agent to distinguish between the fetched data and its system instructions.
  - Capability inventory: The skill allows the agent to execute local scripts and use a wide range of MCP tools for network operations.
  - Sanitization: The instructions do not mention any sanitization, filtering, or validation of the content retrieved from external sources.
Audit Metadata