competitive-ads-extractor
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- NO_CODE (SAFE): The provided skill consists entirely of markdown documentation (SKILL.md) and does not include any accompanying scripts, executables, or dependency files.
- PROMPT_INJECTION (LOW): The skill describes a workflow susceptible to Indirect Prompt Injection (Category 8). 1. Ingestion points: The agent is instructed to ingest and analyze untrusted ad copy from external sources like the Facebook Ad Library and LinkedIn. 2. Boundary markers: There are no delimiters or 'ignore' instructions defined to prevent the agent from following commands embedded in the scraped ads. 3. Capability inventory: The skill's intended operation involves network access (scraping) and writing files to the local file system (e.g., ~/competitor-ads/). 4. Sanitization: No methods for sanitizing or escaping the external content are mentioned.
Audit Metadata