gr-seo-patrol
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes Python scripts (
daily-report.py,canonical-fix.py,rescue-post.py) to automate SEO tasks like reporting and file updates. - [EXTERNAL_DOWNLOADS]: The skill connects to well-known service endpoints including
api.github.comandapi.dataforseo.com. It also fetches content from website URLs to verify SEO tags and metadata. - [DATA_EXPOSURE_AND_EXFILTRATION]: The skill utilizes environment variables
GITHUB_TOKENandDATAFORSEO_B64for API authentication. It transmits repository content and keyword queries to these external services as part of its core functionality. - [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted content from external websites and API responses, which presents an attack surface where third-party data might influence agent behavior.
- Ingestion points: Data from DataForSEO SERP results, HTML from target domains, and Markdown file content fetched from GitHub.
- Boundary markers: No explicit delimiters or instructions are present in the scripts to prevent the agent from interpreting embedded content as commands.
- Capability inventory: The skill has write access to the GitHub repository via the Contents API to perform title rewrites and link injections.
- Sanitization: Ingested data undergoes minimal processing, primarily regex-based text replacement, without thorough security validation or escaping of external content.
Audit Metadata