tech-seo-audit
Warn
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, DATA_EXFILTRATION)
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Python script `scripts/tech-seo-auditor.py` using a user-provided URL as a command-line argument. This pattern creates a risk of command injection if the input URL is not strictly validated or sanitized before being passed to the shell.
- [DATA_EXFILTRATION]: The skill is configured to read sensitive brand profiles, compliance rules, and configuration files from the user's home directory (specifically `~/.claude-marketing/`). Accessing files outside the skill's own package increases the surface area for unauthorized data exposure if the agent is compromised.
- [INDIRECT_PROMPT_INJECTION]: The skill possesses a significant attack surface for indirect prompt injection as it ingests and processes content from external websites.
  - Ingestion points: The `{url}` parameter provided by the user is passed to the `tech-seo-auditor.py` script, which fetches data from remote servers.
  - Boundary markers: The instructions do not define clear boundaries or delimiters to separate external website content from the agent's internal instructions.
  - Capability inventory: The skill has the capability to execute subprocesses (`python scripts/tech-seo-auditor.py`) and read files from the local filesystem (`~/.claude-marketing/`).
  - Sanitization: There is no evidence of sanitization or validation of the content retrieved from the external URLs before it is processed for the audit report.
Audit Metadata