Skills
skills/seranking/seo-skills/seo-page/Gen Agent Trust Hub

seo-page

Warn

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: In step 4b, the skill specifies the execution of local Python scripts (scripts/gsc_query.py and scripts/gsc_inspect.py) via shell commands that interpolate the user-provided {target_url} and {config.default_property} directly into the command line arguments. This pattern is susceptible to command injection if the input is not strictly validated before the shell call is initiated.
  • [PROMPT_INJECTION]: The skill is vulnerable to Indirect Prompt Injection as identified by the following evidence chain:
  • Ingestion points: Untrusted data enters the agent context through external URLs fetched via the WebFetch and Firecrawl tools in step 6.
  • Boundary markers: The instructions do not define boundary markers or explicit prompts to ignore instructions embedded within the fetched HTML/Markdown content.
  • Capability inventory: The skill has access to shell execution (Step 4b) and file system writes (folder and report creation), which could be targeted by malicious instructions in scraped data.
  • Sanitization: No sanitization, escaping, or validation of the retrieved HTML content is described before the agent uses it to synthesize the final SEO verdict.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 17, 2026, 07:04 AM
Security Audit — agent-trust-hub — seo-page