competitive-ads-extractor

The supplied document describes a legitimate-sounding ad-extraction and analysis skill with reasonable outputs (screenshots, analysis, CSVs). The text itself contains no explicit malicious code or obfuscation, but crucial implementation details are missing: whether official APIs or scraping are used, how authentication is handled, what network endpoints are contacted, and how artifacts are stored or retained. These omissions create a moderate supply-chain and operational risk (potential credential exposure, TOS violations, unintended exfiltration) if the actual implementation is not transparent. Before use, require inspection of the implementation: verify endpoints, OAuth scopes, storage destinations, and dependencies; prefer official APIs; ensure minimal required credentials and secure storage; and add clear legal/privacy handling for downloaded creatives.