research-keywords
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill directs the agent to execute internal Node.js scripts (keyword-explorer.mjs and serp-analyzer.mjs) to automate keyword mining and SERP analysis tasks.
- [EXTERNAL_DOWNLOADS]: The included scripts perform HTTPS requests to Google's autocomplete service and SerpAPI to retrieve live search data and feature information.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted content from competitor websites and user-provided CSV files to identify content gaps.
  - Ingestion points: External competitor websites accessed via WebFetch and third-party CSV files from SEO tools.
  - Boundary markers: Absent when analyzing external website content for brand intelligence.
  - Capability inventory: Bash execution for local scripts, WebFetch for website retrieval, and local file system access.
  - Sanitization: No content sanitization or instruction-filtering is described for the text ingested from arbitrary websites.
Audit Metadata