seo-analysis
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
- [UNVERIFIABLE_DEPENDENCIES_AND_REMOTE_CODE_EXECUTION]: The skill documentation and preflight scripts suggest installing the Google Cloud SDK from a trusted source domain (sdk.cloud.google.com).
- [COMMAND_EXECUTION]: The skill invokes the gcloud CLI and various Python scripts to manage site properties, perform audits, and maintain a local cache in the user's home directory.
- [DATA_EXPOSURE_AND_EXFILTRATION]: The skill transmits SEO data between Google APIs and user-configured CMS instances. All external communication is directed to legitimate services or the user's own infrastructure, with SSRF protections implemented in CMS fetchers.
- [CREDENTIALS_UNSAFE]: The scripts read local Google Application Default Credentials and encourage the use of .env files for CMS authentication. This is standard practice for local developer tools and no malicious exfiltration was detected.
- [INDIRECT_PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection because it processes untrusted content from crawled websites and CMS articles to derive business context and SEO recommendations.
  - Ingestion points: Web crawls of target URLs and automated CMS content fetching.
  - Boundary markers: Not explicitly defined in the skill instructions.
  - Capability inventory: Shell command execution, local file system writes, and authenticated write access to Strapi CMS.
  - Sanitization: Data is programmatically parsed by scripts before LLM processing.
Audit Metadata