seo-fix
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it processes data from an external file (docs/seo-audit/latest.md) to determine code modifications.
- Ingestion points: Accesses the audit report at /seo-audit/latest.md.
- Boundary markers: No specific delimiters or instructions to ignore embedded commands within the audit data are defined.
- Capability inventory: The agent can modify existing source code files and generate new files like robots.txt and sitemap.xml.
- Sanitization: No explicit validation of the recommended fixes from the audit report is mentioned beyond framework-idiomatic translation.
- [COMMAND_EXECUTION]: The skill performs automated file system modifications to refactor code and update metadata. While it includes a --dry-run option and requires confirmation for many changes, the inherent ability to write to arbitrary source files represents a significant capability.
- [EXTERNAL_DOWNLOADS]: The skill suggests installing well-known framework integrations, such as nuxt-simple-sitemap and @astrojs/sitemap, when generating missing project files.
Audit Metadata