seo-competitor-pages
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches content from external, untrusted URLs using `WebFetch` and `mcp__firecrawl-mcp__firecrawl_scrape`. These tools are used to extract H2 outlines, schema markup, and metadata from top-ranking SERP competitors.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data from external websites (competitor pages and search results) to generate a page draft.
  - Ingestion points: Content retrieved via `WebFetch` and `Firecrawl` from top SERP winners and user-provided competitor URLs.
  - Boundary markers: The instructions do not define clear delimiters or "ignore previous instructions" warnings when processing the scraped markdown or HTML.
  - Capability inventory: The agent has the ability to write multiple files to the local file system (e.g., `COMPARISON.md`, `schema.jsonld`). It does not appear to have direct shell execution or network exfiltration capabilities beyond the defined tools.
  - Sanitization: There is no explicit mention of sanitizing or escaping the fetched content before it is interpolated into the generation process.
Audit Metadata