researching-competitor-ads
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE] (SAFE): The skill file contains only markdown instructions and descriptions. No executable scripts, binaries, or dependency files (e.g., package.json, requirements.txt) are present.\n- [PROMPT_INJECTION] (LOW): The skill's methodology involves ingesting and analyzing untrusted external data from competitor advertisements and landing pages, presenting a surface for Indirect Prompt Injection (Category 8).\n
- Ingestion points: Competitor ad libraries, landing pages, and marketing funnels (SKILL.md).\n
- Boundary markers: Not specified in the instructions.\n
- Capability inventory: Sentiment analysis, psycholinguistic mapping, and funnel deconstruction.\n
- Sanitization: No sanitization or instruction-filtering mechanisms are mentioned.\n- [DATA_EXPOSURE] (LOW): The 'Discovery Questions' section asks users to disclose their approximate monthly advertising budget. While this is sensitive business data, the analysis found no evidence of code that would exfiltrate this information to an unauthorized third party.
Audit Metadata