geo-seo
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill analyzes untrusted project data (codebase files) to generate audit reports and site artifacts, which creates an indirect prompt injection surface.
- Ingestion points: The skill reads various project source files including HTML, TSX, Markdown, and JSON files using
Read,Glob, andGreptools during its detection and audit phases. - Boundary markers: There are no explicit instructions or delimiters provided to the agent to treat the content of audited files as data or to ignore instructions that might be embedded within them.
- Capability inventory: The skill has the authority to use
WriteandEdittools to create or modify critical files likerobots.txt,llms.txt, and schema JSON-LD templates based on analyzed data. - Sanitization: No specific sanitization or validation logic is defined to ensure content extracted from the project files is safe before being interpolated into audit results or generated site artifacts.
- [EXTERNAL_DOWNLOADS]: The skill references several external resources and validation tools as part of its documentation and reporting.
- References
llm-txt-validator.vercel.app(Vercel) and Google's Rich Results Test for manual validation of generated artifacts. - Points to reputable academic research repositories (arXiv.org) and practitioner websites for deeper context on its scoring rubric.
- These references are informational and do not involve automated script execution or package installation by the skill itself.
Audit Metadata