ai-programmatic-seo

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection attack surface due to the ingestion and processing of untrusted external data.
  • Ingestion points: User-controlled data enters the agent context through materialUrl, materialFile (accepting .xlsx, .xls, .csv, and .tsv formats), and materialText as defined in SKILL.md and references/form-schema.json.
  • Boundary markers: The skill lacks explicit delimiters or 'ignore' instructions that would prevent the AI from executing malicious commands embedded within the provided SEO materials.
  • Capability inventory: The execution script scripts/run.py facilitates authenticated network operations to the vendor's API at https://ai-skills.ai/api/execute.
  • Sanitization: No input validation, escaping, or filtering is performed on the user-provided parameters before they are transmitted to the remote API.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:32 AM
Security Audit — agent-trust-hub — ai-programmatic-seo