seo-backlinks
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill's core functionality depends on executing local Python scripts and a shell installation script.
- Evidence: SKILL.md specifies the execution of
scripts/backlinks_auth.py,scripts/moz_api.py,scripts/bing_webmaster.py,scripts/commoncrawl_graph.py,scripts/verify_backlinks.py, and the installation script./extensions/dataforseo/install.sh. - [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection (Category 8) by processing untrusted data from external link profiles.
- Ingestion points: Backlink anchor texts and source URLs are retrieved from external providers like Moz, Bing, and Common Crawl (SKILL.md Sections 1-4).
- Boundary markers: None. There are no instructions to wrap or delimit external data to prevent it from being interpreted as instructions.
- Capability inventory: The skill has access to subprocess execution (python scripts) and local filesystem writes (
.seo-cache/directory). - Sanitization: The instructions do not define any sanitization, filtering, or validation steps for the external data before it is incorporated into the analysis report.
Audit Metadata