geo

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses WebFetch and curl to retrieve content from external websites and sitemaps for SEO auditing purposes.
  • [COMMAND_EXECUTION]: The tool utilizes Bash for orchestration and executes a local Python script ~/.claude/skills/geo/scripts/generate_pdf_report.py to compile audit results into PDF reports.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted data from the web.
      • Ingestion points: External URLs fetched via WebFetch or curl as defined in SKILL.md.
      • Boundary markers: None explicitly defined in the orchestration logic to isolate fetched content from agent instructions.
      • Capability inventory: The skill has access to Bash, Write, Read, and WebFetch tools.
      • Sanitization: No specific sanitization or filtering of the fetched HTML content is mentioned before it is processed by subagents.
  • [SAFE]: No evidence of malicious obfuscation, hardcoded credentials, or unauthorized persistence mechanisms was detected. The data storage in ~/.geo-prospects/ is consistent with the tool's stated CRM-lite functionality.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 1, 2026, 05:01 PM