programmatic-seo
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill is designed to read brand profiles, guidelines, and manifests from the local directory
~/.claude-marketing/brands/. While these files provide necessary industry context for the skill's primary purpose, the access to files in the user's home directory containing business logic and profiles represents a potential data exposure risk. - [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it ingests data from external URLs, API endpoints, and structured files (CSV/JSON). An attacker could embed instructions in the content being audited to influence the agent's subsequent actions.
- Ingestion points: Data enters the context via external URLs, API endpoints, database queries, and data files (CSV/JSON).
- Boundary markers: The skill instructions do not specify the use of delimiters or 'ignore embedded instructions' warnings for external data.
- Capability inventory: The skill utilizes scripts (
tech-seo-auditor.py,content-scorer.py,competitor-scraper.py) to perform scraping, technical audits, and content scoring, and reads local brand context files. - Sanitization: There is no evidence of validation or sanitization of ingested content before it is processed by the agent.
Audit Metadata