Skills
skills/agricidaniel/codex-seo/seo-page/Gen Agent Trust Hub

seo-page

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it retrieves and processes untrusted content from external websites to perform SEO audits.
  • Ingestion points: Content from user-provided URLs is ingested for analysis (SKILL.md).
  • Boundary markers: The instructions do not specify any delimiters or safety markers to differentiate between the agent's instructions and the external data being analyzed.
  • Capability inventory: The agent is instructed to read/write files in the .seo-cache/ directory, perform relative file path access (../seo/references/), and use external MCP tools (DataForSEO) (SKILL.md).
  • Sanitization: There are no instructions for sanitizing or escaping the retrieved web content before it is processed.
  • [COMMAND_EXECUTION]: The skill directs the agent to modify local project configuration files.
  • Evidence: The instructions require the agent to add .seo-cache/ to the .gitignore file if it is not already present (SKILL.md).
Audit Metadata
Risk Level
SAFE
Analyzed
May 5, 2026, 11:13 PM