seo-technical
Warn
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes multiple local Python scripts, including agent_ux_check.py, render_page.py, and gsc_inspect.py, using shell commands. These commands interpolate a user-provided URL directly into the command line, creating a potential command injection vector if the input is not strictly validated.
- [PROMPT_INJECTION]: The skill reads and processes external web content such as HTML and accessibility trees, which presents an indirect prompt injection surface. Malicious sites could embed instructions within their structure to manipulate the agent's audit logic or output.
  - Ingestion points: External URLs provided as arguments and processed via Playwright in SKILL.md and references/agent-friendly-pages.md.
  - Boundary markers: None identified; the skill does not specify any delimiters or warnings for the agent to ignore instructions found within scanned pages.
  - Capability inventory: Execution of local Python scripts; network operations for crawling (Playwright) and API connectivity (Google, DataForSEO).
  - Sanitization: No validation or sanitization logic for the target URL or the retrieved content is mentioned.
- [EXTERNAL_DOWNLOADS]: The skill integrates with external APIs from DataForSEO and Google. It also utilizes Playwright, which typically downloads and manages external browser binaries for operation.
Audit Metadata