seo-analysis
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes shell commands to execute `playwright-cli` for web interaction and runs a local Python script `scripts/extract_page_signals.py` to parse SEO and AEO signals. These actions are within the expected scope of the skill's functionality.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it ingests untrusted data from third-party websites during analysis. This data is processed and presented to the agent for decision-making and report generation.
  - Ingestion points: `SKILL.md` (via content extraction from Playwright and the `extract_page_signals.py` script).
  - Boundary markers: No explicit boundary markers or 'ignore' instructions are provided to the agent when processing the extracted HTML or text content.
  - Capability inventory: The skill has access to sensitive tools (Google Search Console, Google Analytics) and can execute shell commands.
  - Sanitization: While the Python script extracts specific fields like headings and JSON-LD, it does not sanitize the text content (e.g., meta descriptions or paragraph text) for embedded instructions.
- [EXTERNAL_DOWNLOADS]: The skill performs an initialization step using `playwright-cli install --skills` to download and configure browser binaries. This is a standard and safe operation for setting up the Playwright environment.
Audit Metadata