brief
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFE, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill explicitly prompts users for and stores personally identifiable information (PII), specifically client email addresses, within the persistent local filesystem in the 'location.brief.md' files.
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface:
  - Ingestion points: The skill reads and processes data from various external sources, including 'LocalSEOData' tool outputs (business profiles, reviews, citation audits) and results from scheduled tasks.
  - Boundary markers: There are no instructions defining delimiters or boundary markers to distinguish between trusted instructions and untrusted data retrieved from external SEO audits or GBP (Google Business Profile) content.
  - Capability inventory: The skill is capable of performing filesystem write operations (creating/updating brief directories) and executing multiple automated SEO analysis tools.
  - Sanitization: The instructions lack requirements for sanitizing or validating external content before it is incorporated into the persistent brief files or used to determine 'Next Actions'.