budget-tracker
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests campaign-level data and metadata from external advertising platforms.
- Ingestion points: External spend data and cost metrics retrieved from Google Ads, Meta, LinkedIn, and TikTok.
- Boundary markers: The instructions do not specify any delimiters or safety prompts to prevent the agent from following instructions potentially embedded in campaign names or descriptions.
- Capability inventory: The skill executes Python scripts (
scripts/ad-budget-pacer.py,scripts/budget-optimizer.py) and performs file write operations to save snapshots, which could be misused if malicious input were processed. - Sanitization: No evidence of data sanitization or validation of the external strings before they are used in analysis scripts.
- [COMMAND_EXECUTION]: The skill executes local Python scripts to perform its primary functions.
- Evidence: Step-by-step logic involves calling
scripts/ad-budget-pacer.py,scripts/budget-optimizer.py, andscripts/performance-monitor.py. These scripts are part of the skill's own package and are used for data analysis and state persistence.
Audit Metadata