competitor-analysis
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because its core workflow involves ingesting and analyzing untrusted data from external URLs (competitor websites).
- Ingestion points: Competitor URLs and their website content are processed to audit rankings and content strategies (SKILL.md).
- Boundary markers: Absent. There are no instructions to use delimiters or ignore embedded instructions within the fetched competitor content.
- Capability inventory: The skill is designed to extract strategies, generate analysis reports, and identify market gaps based on external data (SKILL.md).
- Sanitization: Absent. No filtering or validation of external web content is described.
- [COMMAND_EXECUTION]: The documentation includes a command
npx skills add aaron-he-zhu/seo-geo-claude-skills, which instructs the user to execute code from a remote source via the Node package runner.
Audit Metadata