seo
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The toolkit includes a variety of Python and Bash scripts designed for SEO data processing and API interaction. These scripts allow for sophisticated analysis of search metrics and automation of Google Search Console queries using standard system utilities like
opensslfor secure JWT signing. - [EXTERNAL_DOWNLOADS]: The skill facilitates communication with official Google API domains (
googleapis.comandoauth2.googleapis.com) for authentication and search analytics retrieval. These are recognized as well-known technology services and are essential for the skill's intended operation. - [PROMPT_INJECTION]: A potential surface for indirect prompt injection exists as the skill processes search query data from external Google Search Console files. While the included scripts are analytical in nature, the ingestion of user-controlled query strings could influence agent behavior if interpreted as instructions.
- Ingestion points: Search query and page data read from
gsc-*.jsonfiles inreferences/analysis-playbooks.mdandreferences/optimization-templates.md. - Boundary markers: Absent; the data is printed directly to the agent's output context.
- Capability inventory: The skill possesses network capabilities (Google APIs) and local script execution (Python/Bash) documented in
references/gsc-api-reference.md. - Sanitization: None; the scripts output raw query and URL strings from the data sources.
Audit Metadata