The Agent Skills Directory

[COMMAND_EXECUTION]: The skill provides instructions for the agent to use sudo apt install to install system packages such as libimage-exiftool-perl and webp. This behavior involves requesting elevated administrative privileges to modify the host system environment.
[COMMAND_EXECUTION]: The workflow relies on the execution of several CLI tools, including exiftool, cwebp, convert, and ffmpeg, to manipulate files. These tools are executed on paths provided by the user or discovered during the SEO audit, which may include untrusted content.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its ingestion of data from external image files and search engine results.
Ingestion points: The skill reads metadata (IPTC, XMP, EXIF) from image files fetched from external URLs or local paths using tools like exiftool and identify.
Boundary markers: There are no instructions to use boundary markers or delimiters to isolate untrusted image metadata from the rest of the agent's context.
Capability inventory: The agent has the ability to execute shell commands, perform system-level installations via sudo, and write to local directory paths (e.g., .seo-cache/).
Sanitization: The skill does not include steps to sanitize, escape, or validate the metadata extracted from images before it is used in command-line arguments or displayed in reports.

seo-images