Seo Content Pro

Security checks across malware telemetry and agentic risk

Overview

This SEO writing skill mostly matches its purpose, but it explicitly includes tools to disguise AI-generated text and bypass AI detectors.

Install only if you are comfortable with a content skill that includes detector-bypass functionality. Do not use it to misrepresent authorship or evade publisher, school, platform, or client disclosure rules, and avoid sending confidential prompts, drafts, client assets, or images to Gemini or an untrusted SearXNG endpoint.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (10)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 78% confidence
Finding: The skill declares executable capabilities such as environment-variable use and file read/write behavior without an explicit permissions declaration, which weakens user awareness and platform enforcement. This is risky because the documented workflows invoke local scripts and external-service configuration, so users may underestimate what the skill can access or modify.

Tp4

High

Category: MCP Tool Poisoning
Confidence: 93% confidence
Finding: The skill’s stated purpose is SEO content creation, but the file also advertises AI-detection evasion, separate title-generation/growth-hacking behavior, and A/B testing style tracking capabilities that materially change the risk profile. This mismatch is dangerous because it obscures potentially deceptive or policy-sensitive functions from users and reviewers, reducing informed consent and trust boundaries.

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The image-generation section states that prompts and optional input images are sent to the Google Gemini API but does not clearly warn users that potentially sensitive text or image content leaves the local environment. This creates a privacy and data-governance risk, especially if users provide proprietary drafts, client assets, or personal images.

Missing User Warnings

Low

Confidence: 76% confidence
Finding: The research feature sends topic and competitor-analysis queries to a SearXNG instance, but the skill does not prominently disclose that user queries are transmitted over the network. While lower risk than direct cloud API upload, it can still expose confidential strategy terms, client names, or unpublished campaign topics.

Natural-Language Policy Violations

Medium

Confidence: 95% confidence
Finding: The skill explicitly promotes modifying text to 'bypass AI detectors,' which is an evasion-oriented function rather than ordinary editing assistance. This is dangerous because it facilitates deception of reviewers, publishers, educators, or compliance systems that rely on such signals, increasing misuse risk beyond normal SEO tooling.

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The script transmits the user-supplied prompt and, when provided, the local input image to Google's remote GenAI API, but it does not clearly warn the user that potentially sensitive content will leave the local machine. In a content-generation skill this is expected functionality, but the lack of explicit notice can cause inadvertent disclosure of private or regulated data.

Natural-Language Policy Violations

High

Confidence: 98% confidence
Finding: The script is explicitly marketed as transforming AI text to bypass detection, which indicates intent to facilitate evasion of authenticity and policy controls. In the context of an SEO/content-generation skill, this increases risk because it can be used to disguise machine-generated content and undermine platform, academic, or editorial safeguards.

Ssd 2

Medium

Confidence: 96% confidence
Finding: The feature list markets 'AI Humanization' specifically as a way to transform text to evade AI detectors, indicating intentional support for concealment. In the context of a content-production skill, this makes the tool more dangerous because it directly enables deceptive submission or publication workflows at scale.

Ssd 2

Medium

Confidence: 97% confidence
Finding: The humanization section gives operational guidance for transforming content specifically to avoid AI detectors under a benign-sounding editing label. This is dangerous because it provides actionable misuse instructions, making deception easier and more intentional than a generic rewriting tool.

Ssd 2

High

Confidence: 97% confidence
Finding: Across the implementation, the tool removes chatbot artifacts, citations, markdown signatures, and stylistic markers while applying paraphrasing-like substitutions to make generated text appear more human-authored. That makes the skill materially useful for deceptive content laundering, especially in a commercial SEO workflow where disguising synthetic content may be the operational goal.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal