seo

Fail

Audited by Gen Agent Trust Hub on May 30, 2026

Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The repository's installation guides recommend piping a remote shell script from GitHub directly into the bash or PowerShell interpreter (e.g., curl -fsSL ... | bash). While these resources originate from the author's repository, this pattern bypasses manual review of the executed code.
  • [COMMAND_EXECUTION]: Multiple Python scripts, including generate_report.py, lighthouse_runner.py, github_api.py, and repo_release_seo.py, utilize the subprocess module to run external binaries and internal scripts. This allows the skill to interact with system-level tools such as git, gh (GitHub CLI), and npx (Node Package Runner) using inputs derived from user requests.
  • [EXTERNAL_DOWNLOADS]: The installation process involves downloading release archives from GitHub and extracting them to the local environment. Additionally, scripts such as lighthouse_runner.py may trigger the retrieval of Node.js dependencies at runtime if they are not already installed.
  • [DATA_EXFILTRATION]: To perform its primary function, the skill fetches content from arbitrary external URLs. This functionality is mitigated by a shared security policy in scripts/lib/safe_http.py that validates resolved IP addresses to prevent Server-Side Request Forgery (SSRF) against internal or private networks.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests untrusted data from the web (via read_url_content and fetch_page.py) and incorporates it into the LLM's reasoning context. This context can subsequently influence the execution of high-capability scripts, although the severity is considered low due to existing LLM guardrails.
Recommendations
  • HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/Bhanunamikaze/Agentic-SEO-Skill/main/install.sh - DO NOT USE without thorough review
Audit Metadata
Risk Level
HIGH
Analyzed
May 30, 2026, 09:20 PM
Security Audit — agent-trust-hub — seo