competitor-analysis
Pass
Audited by Gen Agent Trust Hub on Jun 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the processing of untrusted domain strings and third-party search data.
- Ingestion points: External data enters the agent context via the 'Competitor domain', 'User's domain', and localization parameters defined in the required inputs (SKILL.md).
- Boundary markers: The instructions lack delimiters (such as XML tags or triple quotes) or specific warnings to ignore instructions potentially embedded within the retrieved SEO data.
- Capability inventory: The skill has access to multiple network-facing MCP tools (e.g., get_domain_overview, get_ranked_keywords, get_backlinks_overview) used to fetch data from external SEO services (SKILL.md).
- Sanitization: There is no evidence of input validation, escaping, or filtering for the user-supplied domains or the data returned by the search tools.
Audit Metadata