seo-ahrefs
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes data retrieved from external web sources through Ahrefs (such as referring domain anchors and Content Explorer results), which constitutes an indirect prompt injection surface.
- Ingestion points: Web content is ingested into the agent context via commands like `/seo ahrefs content <topic>` and `/seo ahrefs organic <url>`.
- Boundary markers: The instructions do not specify any delimiters or safety warnings to ignore instructions embedded within the external SEO data.
- Capability inventory: The skill utilizes MCP tools to query the Ahrefs API and interacts with other SEO-related agent capabilities.
- Sanitization: There is no indication of sanitization or filtering of the text content retrieved from external pages.
- [COMMAND_EXECUTION]: The documentation instructs the user to run local scripts for installation (`extensions/ahrefs/install.sh`, `install.ps1`) and operational tasks (`scripts/dataforseo_costs.py`). These commands are standard for configuring the environment and tracking API usage costs.
Audit Metadata