geo-seo

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill analyzes untrusted project data (codebase files) to generate audit reports and site artifacts, which creates an indirect prompt injection surface.
  • Ingestion points: The skill reads various project source files including HTML, TSX, Markdown, and JSON files using Read, Glob, and Grep tools during its detection and audit phases.
  • Boundary markers: There are no explicit instructions or delimiters provided to the agent to treat the content of audited files as data or to ignore instructions that might be embedded within them.
  • Capability inventory: The skill has the authority to use Write and Edit tools to create or modify critical files like robots.txt, llms.txt, and schema JSON-LD templates based on analyzed data.
  • Sanitization: No specific sanitization or validation logic is defined to ensure content extracted from the project files is safe before being interpolated into audit results or generated site artifacts.
  • [EXTERNAL_DOWNLOADS]: The skill references several external resources and validation tools as part of its documentation and reporting.
  • References llm-txt-validator.vercel.app (Vercel) and Google's Rich Results Test for manual validation of generated artifacts.
  • Points to reputable academic research repositories (arXiv.org) and practitioner websites for deeper context on its scoring rubric.
  • These references are informational and do not involve automated script execution or package installation by the skill itself.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 04:39 PM
Security Audit — agent-trust-hub — geo-seo