seo-page
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands to install dependencies (`pip install -r requirements.txt`) and run included Python scripts (`scripts/fetch_page.py`, `scripts/parse_html.py`) for data processing.
- [EXTERNAL_DOWNLOADS]: The skill fetches HTML content from user-provided URLs using the `requests` library. While this is the intended purpose, it involves downloading untrusted content from the public internet.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8). It processes untrusted data from external sources that could contain instructions to hijack the agent's behavior.
  - Ingestion points: External HTML content fetched by `scripts/fetch_page.py` and parsed by `scripts/parse_html.py` (specifically titles, meta tags, and alt text).
  - Boundary markers: Absent. The analysis phase (Phase 2) does not define clear delimiters or instructions for the agent to ignore commands within the analyzed content.
  - Capability inventory: The agent has the ability to execute shell commands and make network requests.
  - Sanitization: No sanitization or filtering is performed on the extracted HTML content before it is processed by the AI context.
Audit Metadata