Skills
skills/athina-ai/goose-skills/meta-ad-scraper/Gen Agent Trust Hub

meta-ad-scraper

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The script scripts/search_meta_ads.py uses the Python requests library to communicate with api.apify.com. It performs POST and GET requests to trigger scraping tasks and retrieve dataset items from the apify/facebook-ads-scraper actor.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it processes untrusted data from an external source.
  • Ingestion points: External ad data (text, titles, and descriptions) is fetched from the Meta Ad Library via Apify in scripts/search_meta_ads.py.
  • Boundary markers: The output is printed as raw JSON or a formatted summary without specific delimiters or instructions to the agent to ignore embedded commands.
  • Capability inventory: The script itself performs network requests via requests but does not include local file-write or subprocess execution capabilities. However, the data it returns is intended for further processing by an agent.
  • Sanitization: The script does not perform sanitization or filtering of the scraped ad content before outputting it.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 14, 2026, 06:02 PM