generate-ad-copy
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill processes untrusted external campaign parameters and research insights which creates a vulnerability surface for indirect injection. 1. Ingestion points: SKILL.md Step 1 identifies input from 'provided parameters' and 'research insights'. 2. Boundary markers: Absent; there are no delimiters or instructions provided to the agent to isolate or ignore embedded commands in the input data. 3. Capability inventory: The skill's capabilities are limited to text generation and structured JSON output as defined in SKILL.md Step 5; no subprocess, file system, or network operations were detected in the provided files. 4. Sanitization: Absent; the skill does not define any input validation or sanitization routines to filter external content.
Audit Metadata