ai-backlink-analyzer

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill processes content from external URLs and uploaded files, which introduces an attack surface for indirect prompt injection. Malicious instructions placed on an analyzed website or within an SEO file could potentially influence the agent's behavior during analysis. \n
  • Ingestion points: The materialUrl and materialFile fields in references/form-schema.json allow for the input of external, untrusted content. \n
  • Boundary markers: The current configuration does not specify explicit delimiters or instructions to ignore embedded commands in the ingested content. \n
  • Capability inventory: The scripts/run.py script executes the analysis by sending data to the API and displaying results; it does not execute the output as shell commands or code. \n
  • Sanitization: No sanitization or filtering of external content is performed in the local runner script. \n- [COMMAND_EXECUTION]: Includes a Python script (scripts/run.py) intended for users to run locally. This script is a legitimate utility for communicating with the AI Skills API and does not perform any unauthorized command execution or shell spawning. \n- [EXTERNAL_DOWNLOADS]: The runner script makes outbound network requests to ai-skills.ai to perform its core analysis tasks. This communication is restricted to the platform's official infrastructure. \n- [SAFE]: The skill demonstrates secure development practices, such as requiring credentials to be provided via environment variables rather than being hardcoded in the source files.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:30 AM
Security Audit — agent-trust-hub — ai-backlink-analyzer