google-ad-scraper
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill utilizes the
requestslibrary to interact with the Apify API (api.apify.com), an established and well-known automation platform.\n- [SAFE]: Sensitive information such asAPIFY_API_TOKENis securely managed through environment variables or command-line arguments, avoiding hardcoded secrets.\n- [SAFE]: Remote code execution is confined to official Apify actors running on Apify's infrastructure, which is the intended and documented behavior of the scraper.\n- [SAFE]: No unauthorized local system modifications, file access, or suspicious command executions were identified.\n- [PROMPT_INJECTION]: The skill processes untrusted external data which creates an attack surface for indirect prompt injection.\n - Ingestion points: Raw ad text is retrieved from the Google Ads Transparency Center via Apify actors in
scripts/search_google_ads.py.\n - Boundary markers: The summary output lacks explicit delimiters or instructions to prevent the agent from obeying embedded instructions within ad content.\n
- Capability inventory: The skill has no dangerous local capabilities such as subprocess execution, file writing, or evaluation of code based on input; it strictly outputs data to the console.\n
- Sanitization: Ad headlines and descriptions are not sanitized or filtered for malicious instructions before being presented to the agent.
Audit Metadata