competitive-ads-extractor
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTIONNO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to ingest and analyze untrusted data from external sources.
- Ingestion points: Ad headlines, descriptions, and copy scraped from Facebook and LinkedIn (SKILL.md).
- Boundary markers: Absent. There are no instructions to use delimiters or ignore embedded commands in the source text.
- Capability inventory: The skill describes capabilities for network access (scraping) and file system modification (writing reports to ~/competitor-ads/).
- Sanitization: None. The skill does not mention filtering or escaping the ingested content.
- Data Exposure & Exfiltration (LOW): The skill's workflow involves writing captured data and analysis to the user's local filesystem (e.g.,
~/competitor-ads/). While standard for this use case, users should be aware of the agent's file system access level. - No Code (INFO): No executable scripts, binaries, or dependency manifests were provided for analysis. The evaluation is based on the behavioral instructions and examples within the markdown documentation.
Audit Metadata