marketing-directory-submissions

Fail

Audited by Gen Agent Trust Hub on Jul 3, 2026

Risk Level: CRITICALEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references a URL that has been confirmed as malicious by automated security scanners.
  • Evidence: The URL https://fitprofessionals.net (referenced as Fit Pro Directory) is included in the references/submission-tracker-template.csv and described in references/directory-list.md.
  • Risk: Users or automated agents following the submission workflow are directed to navigate to and interact with a blacklisted domain, which may lead to exposure to phishing, drive-by downloads, or other web-based malware.
  • [COMMAND_EXECUTION]: The skill provides instructions to execute shell commands for interacting with external web resources.
  • Evidence: SKILL.md and references/directory-list.md include the command curl -sIL https://directory.com/your-listing | grep -i rel= to verify backlink status.
  • Risk: While the specific command is designed for header inspection, it encourages the use of CLI tools to communicate with arbitrary remote servers. Combined with the presence of a malicious URL in the data set, this practice increases the risk of exfiltrating data or receiving malicious responses through terminal-based network requests.
Recommendations
  • AI detected serious security threats
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level
CRITICAL
Analyzed
Jul 3, 2026, 06:26 PM
Security Audit — agent-trust-hub — marketing-directory-submissions