seo-unlighthouse
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill delegates execution to
scripts/unlighthouse_run.py, which manages the Unlighthouse CLI as a subprocess for auditing sites. - [EXTERNAL_DOWNLOADS]: Requires the installation of the
unlighthouse-cliNode.js package and references an environment setup script (extensions/unlighthouse/install.sh). - [PROMPT_INJECTION]: Potential surface for indirect prompt injection from data audited on external websites.
- Ingestion points: Data from external URLs is crawled and aggregated into the
ci-result.jsonreport file. - Boundary markers: No explicit markers or delimiters are mentioned for the report parsing phase.
- Capability inventory: The skill uses subprocess execution (
unlighthouse_run.py) and has file read/write access for audit reports. - Sanitization: Includes a
url_safety pre-flightcheck to validate target URLs before the audit begins.
Audit Metadata