ai-seo-aeo-internal-linking

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted external content, which presents a surface for indirect prompt injection. \n
  • Ingestion points: materialText, materialFile, and materialUrl fields in references/form-schema.json. \n
  • Boundary markers: None found in script files; protection relies on the platform's backend model guardrails. \n
  • Capability inventory: Data is transmitted to the vendor API via scripts/run.py. \n
  • Sanitization: Content is passed directly without local sanitization or filtering. \n- [COMMAND_EXECUTION]: The skill includes a Python runner script (scripts/run.py) designed for user execution. \n
  • The script makes authorized API calls to the vendor's domain at ai-skills.ai. \n
  • It utilizes environment variables for API key management and standard urllib for communication. \n- [EXTERNAL_DOWNLOADS]: The runner script attempts to import the well-known certifi package for SSL certificate verification, which is a standard security practice.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:31 AM
Security Audit — agent-trust-hub — ai-seo-aeo-internal-linking