geo-content-optimizer

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The instructions contain no patterns attempting to override agent behavior, bypass safety filters, or extract system prompts.
  • [DATA_EXFILTRATION]: No unauthorized data transmission or access to sensitive local files (such as SSH keys or credentials) was detected. The network activity is limited to standard web reading and search operations required for the skill's functionality.
  • [COMMAND_EXECUTION]: The skill requests access to the Bash tool, which is used legitimately for file system management (creating output directories). There are no signs of arbitrary or malicious command injection.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data from external URLs using web reading tools.
  • Ingestion points: Page content is fetched via mcp__web_reader__webReader and mcp__playwright__browser_snapshot.
  • Boundary markers: None explicitly defined in the instructions to separate external content from system prompts.
  • Capability inventory: The agent has access to Bash and Write tools.
  • Sanitization: No specific sanitization or filtering of external content is mentioned before it is processed by the AI. However, the risk is minimized by the structured nature of the analysis phases.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 12:13 PM
Security Audit — agent-trust-hub — geo-content-optimizer