meta-ads-strategy

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's brief.md Phase 1 explicitly requires the agent to "visit their website, infer the audience, look up competitors" and elsewhere asks for landing page URLs and external resources (e.g., Meta Ad Library, AdKit links), showing the agent will fetch and interpret untrusted public/user-provided web content which can directly influence campaign decisions and next actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly supports creating and launching Meta ad campaigns and mentions using a specific CLI (AdKit) with commands like adkit meta campaigns create and adkit drafts list. It directs execution steps (creating campaigns, publishing ads, and scaling budgets) rather than only advising. That is a specific integration that can modify ad campaigns and budgets via API/CLI — i.e., it can directly start/alter ad spend. This matches "managing ad spend budgets (specifically the API to update the budget)" in the policy, so it grants direct financial execution capability.