ai-seo-aeo-keyword-research
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes content from external sources, which creates a surface for indirect prompt injection attacks where malicious instructions could be embedded in the analyzed material.
- Ingestion points: Data is ingested via the
materialUrl,materialText, andmaterialFileparameters inreferences/form-schema.json. - Boundary markers: No explicit delimiters or isolation instructions are present in the provided runner script to separate untrusted data from the agent's system instructions.
- Capability inventory: The provided Python script (
scripts/run.py) is restricted to making network requests to the official vendor API and does not have capabilities for subprocess execution, file system writes, or direct code execution. - Sanitization: The runner script transmits data directly to the API without local validation or sanitization steps.
Audit Metadata