seo-sxo
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted content from the target URL and search engine results to perform its analysis. This is an inherent attack surface for any web-parsing tool.
- Ingestion points: External data enters the agent context via
scripts/fetch_page.pyand search results obtained throughWebSearch(SKILL.md, Step 1 & 2). - Boundary markers: The instructions do not define specific prompt delimiters (like XML tags or triple quotes) for the external content, though the highly structured execution pipeline provides implicit task boundaries.
- Capability inventory: The skill utilizes file fetching and search capabilities. It does not request access to sensitive local files, credentials, or administrative privileges.
- Sanitization: The skill's documentation notes that the fetch mechanism is 'SSRF-safe', indicating proactive mitigation against infrastructure-level request forgery.
Audit Metadata