page-seo-analysis
Pass
Audited by Gen Agent Trust Hub on May 26, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill does not contain any malicious instructions, unauthorized file access, or hardcoded credentials. Its operations align with the stated purpose of SEO auditing and utilize local scripts for analysis.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests and processes content from external, untrusted URLs for SEO auditing.
- Ingestion points: The skill retrieves and parses HTML from a target URL and up to three competitor URLs as defined in the process flow in
SKILL.md. - Boundary markers: There are no explicit delimiters or instructions to the agent to ignore potential instructions embedded within the fetched HTML content.
- Capability inventory: The skill leverages specific Python scripts (
tech-seo-auditor.py,content-scorer.py,schema-generator.py,competitor-scraper.py) to extract signals; no capabilities for executing arbitrary commands or performing unauthorized network requests based on the fetched data were identified. - Sanitization: No mechanisms for sanitizing or validating the retrieved HTML content before analysis are mentioned in the skill definition.
Audit Metadata