ai-seo-audit
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because its primary function involves ingesting and analyzing untrusted data from external sources to generate SEO diagnostics.
- Ingestion points: External data enters the agent context through the
materialUrl,materialFile, andmaterialTextparameters as defined inreferences/form-schema.jsonandSKILL.md. - Boundary markers: There are no specific delimiters or instructions provided to the agent to prevent it from executing commands that might be embedded within the audited content.
- Capability inventory: The skill's scripts are limited to making network requests to the designated API and do not possess capabilities for local file system modification or arbitrary command execution.
- Sanitization: No input sanitization or filtering is performed on the data before it is sent to the processing API.
- [EXTERNAL_DOWNLOADS]: The
scripts/run.pyscript includes logic to import and utilize thecertifiPython package to manage CA certificates for secure communication with the vendor's API endpoints.
Audit Metadata