link-prospecting
Pass
Audited by Gen Agent Trust Hub on Jun 12, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [DATA_EXFILTRATION]: The skill instructs the agent to browse prospect websites to find and record contact information, including email addresses, social media handles, and professional profiles. While this is a core part of its SEO outreach purpose, it constitutes automated collection of data from third-party web pages discovered via search.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests and processes untrusted data from the web (search results and website content). Malicious instructions embedded in prospect websites could attempt to manipulate the agent's output or subsequent actions.
- Ingestion points: Prospect website content, author byline pages, and SERP data fetched via OpenSEO and generic browsing tools.
- Boundary markers: No explicit delimiters or instructions are provided to the agent to ignore potentially malicious embedded content within the ingested data.
- Capability inventory: Includes searching SERPs, inspecting backlinks, qualifying domains, and searching for local business information via OpenSEO tools, as well as generic web browsing for contact discovery.
- Sanitization: The instructions do not define any sanitization, validation, or filtering mechanisms for the data retrieved from external web sources before it is interpreted by the agent.
Audit Metadata