seo-content-audit
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes web search and fetch capabilities to perform deep crawls of sitemaps and page content for both target and competitor domains. This is the primary intended function of the skill for generating SEO inventories and audits.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it ingests and analyzes data from external, attacker-controllable sources (websites and sitemaps). Malicious instructions embedded in these external pages could potentially influence the agent's report generation or behavior during the audit process.
- Ingestion points: Site crawling in Phases 2, 4, and 6 (SKILL.md).
- Boundary markers: No explicit delimiters or warnings to ignore instructions within fetched content are defined in the process steps.
- Capability inventory: The agent has capabilities to search the web, fetch content, and write findings to files in the local directory.
- Sanitization: The instructions do not specify any sanitization or validation of the fetched HTML/Markdown content before analysis.
Audit Metadata