ai-internal-linking-optimizer
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external data, creating a potential surface for indirect prompt injection. 1. Ingestion points: Data enters via the
materialText,materialFile, andmaterialUrlparameters inSKILL.mdandreferences/form-schema.json. 2. Boundary markers: The instructions lack explicit delimiters or warnings to ignore instructions embedded in the provided SEO materials. 3. Capability inventory: Thescripts/run.pyscript performs network requests to transmit data to the processing API. 4. Sanitization: No sanitization or validation of the input content was observed in the provided files. - [EXTERNAL_DOWNLOADS]: The skill allows the ingestion of content from user-provided URLs via the
materialUrlparameter for SEO analysis. - [COMMAND_EXECUTION]: The skill provides a Python script (
scripts/run.py) intended for execution by the user to interact with the external service's API.
Audit Metadata