review
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is informational and focuses on SEO auditing procedures. No malicious commands, obfuscation, or data exfiltration patterns were detected.
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface: The skill requires the agent to analyze untrusted external data (HTML source, DOM, and headers) from websites being audited. 1. Ingestion points: Website source code, rendered DOM, and HTTP headers referenced in the 'Check' and 'Code Review' sections of SKILL.md. 2. Boundary markers: None present in the instructions to delimit external content or warn against embedded instructions. 3. Capability inventory: The agent's capabilities within this skill are limited to reviewing, explaining, and flagging code issues; no executable scripts, shell commands, or system-level tools are included in the provided files. 4. Sanitization: No sanitization or validation of the ingested external content is specified.
Audit Metadata