The Agent Skills Directory

[COMMAND_EXECUTION]: The skill utilizes command-line interfaces to interact with ad platforms and media tools. It provides specific instructions for running local Node.js scripts (e.g., node tools/clis/google-ads.js) to fetch performance reports and manage campaigns. Additionally, it references the use of npx for Remotion video rendering and make for setting up local tools.
[PROMPT_INJECTION]: This skill is vulnerable to indirect prompt injection because it is designed to ingest and analyze external 'performance data' which includes ad headlines, descriptions, and primary text.
Ingestion points: Ad performance data provided via CSV, API output, or direct text input (as described in the 'Iterate from Performance Data' section of SKILL.md).
Boundary markers: The instructions do not define specific delimiters or instructions to ignore embedded commands within the ingested ad copy.
Capability inventory: The agent has the capability to execute shell commands, perform network requests (curl), and read local files like .claude/product-marketing-context.md.
Sanitization: There is no evidence of sanitization or filtering applied to the external ad content before it is processed to identify 'winning patterns'.
[EXTERNAL_DOWNLOADS]: The skill references and provides setup instructions for external software and APIs. This includes cloning the Voicebox repository from GitHub (github.com/jamiepine/voicebox) and using various well-known AI services such as Google Gemini, ElevenLabs, and OpenAI. These downloads and references target established platforms and tools.

ad-creative