topical-authority-mapper
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands to execute Python scripts from its dependencies (site-content-catalog, reddit-post-finder) to crawl websites and search Reddit. These scripts are invoked locally using the python3 interpreter.\n- [DATA_EXFILTRATION]: In its Enhanced mode, the skill sends user-provided topics and website data to several well-known external SEO service providers including DataForSEO, SEMrush, Ahrefs, and Keywords Everywhere.\n- [PROMPT_INJECTION]: The skill's workflow involves ingesting content from third-party websites and Reddit threads, creating a surface for indirect prompt injection.\n
- Ingestion points: External website content retrieved via site-content-catalog and social media data from reddit-post-finder in Phase 1 and Phase 2.\n
- Boundary markers: Absent; there are no specific instructions provided to the agent to treat this ingested data as untrusted or to use delimiters to prevent instruction hijacking.\n
- Capability inventory: The agent has the ability to execute shell commands (Python scripts) and perform network operations via external APIs which could be abused if the agent follows instructions found in external data.\n
- Sanitization: No sanitization or filtering of the external data is performed before it is processed by the agent.
Audit Metadata