semrush
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
curlto perform GET requests against the official Semrush API (api.semrush.com). This is standard behavior for an API integration skill. - [EXTERNAL_DOWNLOADS]: The skill provides links to the author's connector management page (
app.vm0.ai/connectors) and official Semrush developer documentation for reference. - [CREDENTIALS_UNSAFE]: The skill correctly handles authentication by using the
$SEMRUSH_TOKENenvironment variable rather than hardcoding sensitive API keys. - [DATA_EXFILTRATION]: No unauthorized data exfiltration patterns were detected. Network operations are directed towards well-known, legitimate service providers.
Audit Metadata