seo-images

Warn

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes multiple system binaries including exiftool, cwebp, convert (ImageMagick), and ffmpeg to process image files. The /seo images optimize <path> command accepts a path argument which is used directly in shell commands.
  • [PRIVILEGE_ESCALATION]: Instructions include the use of sudo apt install to install system dependencies (libimage-exiftool-perl and webp), which requires administrative access to the host system.
  • [EXTERNAL_DOWNLOADS]: The skill relies on and recommends the installation of external software packages from system repositories to perform its primary functions.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8).
      • Ingestion points: The skill fetches images from external URLs and reads image metadata (IPTC, XMP, EXIF) via exiftool, as documented in SKILL.md.
      • Boundary markers: There are no specific delimiters or instructions to ignore embedded content within the metadata results.
      • Capability inventory: The skill possesses extensive local execution capabilities including exiftool, cwebp, convert, and ffmpeg as documented in SKILL.md.
      • Sanitization: There is no evidence of sanitization or validation of the metadata content before it is processed by the agent.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: May 11, 2026, 10:11 PM