seo-keywords
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests and processes untrusted data from external websites, creating a surface for indirect prompt injection.
- Ingestion points: Data enters the agent's context through search engine results via
serp_organic_live_advancedand page content extracted from competitor URLs using theon_page_content_parsingtool. - Boundary markers: The instructions do not specify any delimiters or boundary markers to separate external content from the skill's instructions, nor is there a warning for the agent to ignore instructions within the parsed data.
- Capability inventory: The skill can write files to the local project directory (e.g.,
docs/seo/<slug>/keyword-data.md) and utilize specialized SEO tools. It does not have access to general shell commands or arbitrary network requests. - Sanitization: No sanitization, filtering, or validation of the external content is performed before it is analyzed by the agent.
Audit Metadata