geo-review

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill performs legitimate Generative Engine Optimization (GEO) audits. It uses browser sessions to navigate to user-specified URLs and well-known search engines (Perplexity, Google) to verify citations and content structure. The output locations (shiplight/reports/ and shiplight/tests/) are consistent with the vendor identity (ShiplightAI).\n- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection attack surface because it retrieves and processes content from external, untrusted websites during the audit phase.\n
  • Ingestion points: The skill uses browser tools to extract text and HTML from target URLs and competitor sites (SKILL.md, Phase 3).\n
  • Boundary markers: No specific boundary markers or instructions to ignore instructions within the retrieved content were identified in the analysis instructions.\n
  • Capability inventory: The skill can write files to the local file system (reports and tests) and control browser navigation via standard tools.\n
  • Sanitization: No explicit sanitization or filtering of external web content is described prior to processing.\n
  • This surface is considered a low-risk factor inherent to the skill's primary function as a content auditor and does not escalate the verdict.\n- [COMMAND_EXECUTION]: The skill generates YAML files containing JavaScript snippets for regression testing. These snippets are derived from fixed templates used to verify SEO/GEO compliance (e.g., checking for the presence of llms.txt or robot.txt rules) and are saved to the local directory (shiplight/tests/). This behavior is standard for the skill's automated testing purpose and does not involve the execution of untrusted remote code.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 02:39 PM
Security Audit — agent-trust-hub — geo-review