ai-seo

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/run.py is used to execute API requests to the diagnostic service at ai-skills.ai.
  • [EXTERNAL_DOWNLOADS]: The Python runner script references the certifi package for secure SSL/TLS certificate verification.
  • [DATA_EXFILTRATION]: The skill transmits the AISKILLS_API_KEY to the vendor's infrastructure at https://ai-skills.ai for authenticated service calls.
  • [SAFE]: The skill possesses an indirect prompt injection attack surface because it processes untrusted data from URLs, files, and text. 1. Ingestion points: materialUrl, materialFile, and materialText parameters defined in SKILL.md and references/form-schema.json. 2. Boundary markers: None identified in the prompt logic. 3. Capability inventory: Network communication with the vendor API via scripts/run.py. 4. Sanitization: No content sanitization or filtering logic is present.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:31 AM
Security Audit — agent-trust-hub — ai-seo