Skills
skills/infrasity-labs/dev-gtm-claude-skills/seo-ecommerce/Gen Agent Trust Hub

seo-ecommerce

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it fetches and processes untrusted raw HTML from external URLs.
  • Ingestion points: scripts/fetch_page.py and scripts/parse_html.py retrieve and parse content from user-provided product URLs.
  • Boundary markers: None identified; the skill instructions do not specify delimiters or instructions to ignore embedded content.
  • Capability inventory: Execution of local scripts for data normalization and API interaction.
  • Sanitization: No sanitization or filtering of external HTML is described in the workflow.
  • [COMMAND_EXECUTION]: The skill makes extensive use of local script execution to perform its primary SEO and marketplace analysis tasks.
  • [EXTERNAL_DOWNLOADS]: The skill fetches content from arbitrary external websites for on-page SEO auditing and communicates with the DataForSEO Merchant API.
  • [DATA_EXFILTRATION]: The ucp_check.py script includes a --probe-endpoints feature that performs HEAD requests to URLs defined in a remote /.well-known/ucp JSON file. This mechanism could be leveraged for Server-Side Request Forgery (SSRF) if a malicious profile directs the agent to probe internal or non-public network resources.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 02:36 AM
Security Audit — agent-trust-hub — seo-ecommerce