seo-bing
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONNO_CODEPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill defines mappings that execute local scripts via the shell, including
python scripts/bing_webmaster.pyandpython scripts/indexnow_submit.py.- [NO_CODE]: The skill references several external files, including an installation script (extensions/bing-webmaster/install.sh) and utility scripts (scripts/bing_webmaster.py,scripts/indexnow_submit.py), which are not provided for analysis.- [PROMPT_INJECTION]: The skill exposes an attack surface for indirect prompt injection by processing external data (URLs and files) as command arguments. 1. Ingestion points:<url>and<file>parameters in the routing table for commands like/seo bing submitand/seo bing submit-batch. 2. Boundary markers: No delimiters or 'ignore embedded instructions' warnings are present to isolate the untrusted input. 3. Capability inventory: Execution of local Python scripts via thepythoncommand. 4. Sanitization: No input validation or sanitization logic is present in the instruction markdown.
Audit Metadata