paid-ads
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains a vulnerability surface for indirect prompt injection via local data ingestion.
- Ingestion points: The 'Before Starting' section in SKILL.md instructs the agent to read
.agents/product-marketing-context.mdor.claude/product-marketing-context.mdbefore executing tasks. - Boundary markers: There are no instructions to use delimiters or warnings to ignore instructions embedded within these context files.
- Capability inventory: The agent is granted access to advertising platforms (Google Ads, Meta, LinkedIn, TikTok) via model context protocol (MCP) tool integrations, creating a path for potential impact if the ingested data is malicious.
- Sanitization: The skill lacks instructions for sanitizing or validating the content retrieved from the marketing context files.
Audit Metadata