tech-seo-audit

Fail

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: HIGH (COMMAND_EXECUTION, DATA_EXFILTRATION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Python script using the command python "scripts/tech-seo-auditor.py" --url {url}. Because the {url} argument is provided directly by the user without sanitization, an attacker can use shell metacharacters to perform command injection and execute arbitrary code on the host system.
  • [DATA_EXFILTRATION]: The skill is designed to read multiple sensitive files from the user's home directory, specifically under ~/.claude-marketing/brands/, including profile.json, _manifest.json, and SOPs. While this is the intended functionality, the combination of local file access and command execution capabilities creates a high risk for data exfiltration.
  • [INDIRECT_PROMPT_INJECTION]: The skill analyzes external website content via a user-provided URL. This creates a surface for indirect prompt injection where a malicious website could embed instructions in HTML, headers, or metadata to influence the agent's audit report or subsequent actions.
      • Ingestion points: User-provided URL processed in SKILL.md.
      • Boundary markers: None identified.
      • Capability inventory: Subprocess execution of scripts/tech-seo-auditor.py and read access to ~/.claude-marketing/ filesystem.
      • Sanitization: No input validation or content sanitization is described.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: May 20, 2026, 12:41 AM