seo-dataforseo
Pass
Audited by Gen Agent Trust Hub on May 26, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute local shell and Python scripts for installation and cost tracking.
- Evidence:
SKILL.mdreferences executing./extensions/dataforseo/install.shandpython scripts/dataforseo_costs.pyfor cost estimation and logging. - Context: These scripts are part of the skill's infrastructure but are not included in the provided definition, making their internal logic unverifiable.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data from external search engines, social media, and AI platforms.
- Ingestion points: Data enters the context via
serp_organic_live_advanced(search results),serp_youtube_video_comments_live_advanced(user comments),on_page_content_parsing(raw website text), andai_optimization_chat_gpt_scraper(AI responses). - Boundary markers: The instructions do not define clear delimiters or specify that the agent should ignore instructions embedded within the retrieved SEO data.
- Capability inventory: The agent has the capability to execute scripts (
dataforseo_costs.py) and perform network operations via the DataForSEO MCP server. - Sanitization: No explicit sanitization or filtering of the retrieved web content is mentioned before it is processed by the agent.
Audit Metadata