ads-create
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface due to its reliance on local data ingestion.
- Ingestion points: The skill reads brand-profile.json, ADS-AUDIT-REPORT.md, and various *-audit-results.md files from the current directory.
- Boundary markers: Absent; the skill does not use delimiters or explicit instructions to ignore potentially malicious content within the ingested files.
- Capability inventory: The skill writes to campaign-brief.md and triggers the sequential execution of sub-agents (creative-strategist and copy-writer) which process the generated brief.
- Sanitization: Absent; data from the profile and audit files is used directly in prompts and output files without validation or escaping.
- [COMMAND_EXECUTION]: The skill orchestrates a multi-step workflow involving file system operations and the coordination of specialized creative agents. It implements logic to manage sequential task execution and file-based state sharing between different agent roles.
Audit Metadata