ds-paid-audit
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes a restricted Bash tool to execute a local Python script (ds_utils.py) for campaign data processing. This behavior is an intended function of the skill and is constrained by the platform's tool access policies to specific script naming patterns.\n- [PROMPT_INJECTION]: The skill demonstrates an attack surface for indirect prompt injection by processing external campaign data.\n
- Ingestion points: Marketing metrics and campaign metadata are ingested via MCP tools or manually provided data files in CSV, TSV, or JSON formats.\n
- Boundary markers: The skill does not implement specific delimiters or explicit safety instructions to isolate ingested campaign data from the agent's operational logic.\n
- Capability inventory: The agent can execute restricted shell commands and use specialized data retrieval tools to interact with advertising platforms.\n
- Sanitization: The instructions do not specify any validation, filtering, or sanitization of campaign names or data fields prior to their processing by the utility scripts.
Audit Metadata