seo-audit
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE
PROMPT_INJECTION
DATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection.
- Ingestion points: The script `scripts/seo_checker.py` fetches and parses content from external URLs provided for auditing.
- Boundary markers: No delimiters or protective instructions are used to separate user data from agent instructions.
- Capability inventory: The skill can perform network requests and access local files via its scripts.
- Sanitization: HTML content from analyzed sites is processed without filtering potential malicious instructions embedded in tags.
- [DATA_EXFILTRATION]: The `scripts/seo_checker.py` script uses `urllib.request.urlopen`, which can be misused for network probing.
- Evidence: The script fetches arbitrary URLs without restricting protocols or domains.
- Risk: An attacker could potentially use the agent to perform SSRF attacks against internal services or metadata endpoints by providing crafted URLs to the audit tool.
Audit Metadata