ai-seo
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The script
scripts/run.pyis used to execute API requests to the diagnostic service atai-skills.ai. - [EXTERNAL_DOWNLOADS]: The Python runner script references the
certifipackage for secure SSL/TLS certificate verification. - [DATA_EXFILTRATION]: The skill transmits the
AISKILLS_API_KEYto the vendor's infrastructure athttps://ai-skills.aifor authenticated service calls. - [SAFE]: The skill possesses an indirect prompt injection attack surface because it processes untrusted data from URLs, files, and text. 1. Ingestion points:
materialUrl,materialFile, andmaterialTextparameters defined inSKILL.mdandreferences/form-schema.json. 2. Boundary markers: None identified in the prompt logic. 3. Capability inventory: Network communication with the vendor API viascripts/run.py. 4. Sanitization: No content sanitization or filtering logic is present.
Audit Metadata