optimize-seo

Pass

Audited by Gen Agent Trust Hub on Jul 4, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements strong security controls in its support scripts (e.g., append-loop-result.ts), including the use of realpathSync and explicit path prefix verification to prevent directory traversal attacks.
  • [SAFE]: No hardcoded credentials, API keys, or sensitive environment variable exposure patterns were found across the instructions or scripts.
  • [SAFE]: Command execution is restricted to local utility scripts shipped with the skill. Use of Bun.spawnSync is implemented with proper argument separation, mitigating risk of shell injection.
  • [SAFE]: The skill's external data ingestion (fetching robots.txt, sitemaps, and web pages for analysis) is handled by domain-specific agents whose outputs are verified by a sequential critic chain, reducing the impact of potential indirect prompt injections.
  • [SAFE]: Manifest and quality telemetry systems are implemented as local derived state, ensuring data persistence is scoped to the user's project directory.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 4, 2026, 10:16 PM
Security Audit — agent-trust-hub — optimize-seo