bulk-seo-guides-from-keywords
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data exfiltration behaviors were detected. The skill's actions, including network access to well-known SEO services and code modification, are aligned with its intended purpose.
- [PROMPT_INJECTION]: The skill possesses a surface area for indirect prompt injection because it ingests untrusted data from external sources and project files to inform code-writing tasks. This is an inherent risk of its functionality as an automated content generator.
- Ingestion points: Reads from './seo-work-brief.md' (referenced in SKILL.md and references/brief-format.md) and fetches data from external research tools (Ahrefs, Exa) as described in SKILL.md.
- Boundary markers: No explicit delimiters or instructions are provided to the agent to distinguish between research data and system instructions.
- Capability inventory: The agent is instructed to modify the project's source files, including page modules, route configurations, and sitemap.ts files (documented in SKILL.md and references/shipping-checklist.md).
- Sanitization: There are no specified sanitization procedures for processing external content before it is interpolated into the codebase.
Audit Metadata