seo-local
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted content from user-provided URLs to perform SEO analysis, creating a surface for indirect prompt injection.
- Ingestion points: Content is fetched from the website specified in the [url] argument using tools like WebFetch or DataForSEO MCP tools.
- Boundary markers: The instructions do not specify the use of delimiters (e.g., XML tags, triple quotes) or explicit system-level warnings to ignore instructions found within the analyzed website content.
- Capability inventory: The agent has the capability to read and write to the local file system, including creating a .seo-cache/ directory and accessing files in the parent directory (../seo/references/). It also has the ability to execute external SEO data tools.
- Sanitization: No sanitization, validation, or escaping of the fetched website content is described in the logic for detecting business types or industry verticals.
Audit Metadata