geo-review
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs legitimate Generative Engine Optimization (GEO) audits. It uses browser sessions to navigate to user-specified URLs and well-known search engines (Perplexity, Google) to verify citations and content structure. The output locations (shiplight/reports/ and shiplight/tests/) are consistent with the vendor identity (ShiplightAI).\n- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection attack surface because it retrieves and processes content from external, untrusted websites during the audit phase.\n
- Ingestion points: The skill uses browser tools to extract text and HTML from target URLs and competitor sites (SKILL.md, Phase 3).\n
- Boundary markers: No specific boundary markers or instructions to ignore instructions within the retrieved content were identified in the analysis instructions.\n
- Capability inventory: The skill can write files to the local file system (reports and tests) and control browser navigation via standard tools.\n
- Sanitization: No explicit sanitization or filtering of external web content is described prior to processing.\n
- This surface is considered a low-risk factor inherent to the skill's primary function as a content auditor and does not escalate the verdict.\n- [COMMAND_EXECUTION]: The skill generates YAML files containing JavaScript snippets for regression testing. These snippets are derived from fixed templates used to verify SEO/GEO compliance (e.g., checking for the presence of llms.txt or robot.txt rules) and are saved to the local directory (shiplight/tests/). This behavior is standard for the skill's automated testing purpose and does not involve the execution of untrusted remote code.
Audit Metadata