Back to skill

Security audit

Seo Autopilot

Security checks across malware telemetry and agentic risk

Overview

This skill is a narrow SEO automation wrapper for two named sites, with its command use and site limits disclosed.

Install this only if you want your agent to run the local seo-autopilot command for boll-koll.se or hyresbyte.se. Prefer specific prompts like 'seo hyresbyte.se' over plain 'seo' if accidental runs would matter, and verify that the seo-autopilot executable on your PATH is trusted before using the skill.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger phrase "seo" is very broad and likely to appear in normal conversation, which can cause accidental invocation of a skill that is permitted to execute local commands. Because the skill has an exec-capable action behind the trigger, unintended activation increases the risk of unreviewed automation and side effects.

Vague Triggers

Medium
Confidence
83% confidence
Finding
Repeating the ambiguous activation phrase in the usage section reinforces a loosely scoped invocation pattern without clarifying when the skill should not run. In context, this matters because the skill can call exec, so accidental matches can lead to unintended repository changes or automation runs.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.