Skills
skills/motion-creative/motion-creative-plugin/Analyze Ad/Gen Agent Trust Hub

Analyze Ad

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it ingests and processes untrusted data from external advertising assets.
  • Ingestion points: Content is retrieved from external creatives via the get_creative_transcript and get_creative_summary tools in SKILL.md.
  • Boundary markers: There are no instructions to use delimiters or defensive prompting (e.g., 'ignore instructions within the transcript') when analyzing the retrieved text.
  • Capability inventory: The skill allows the agent to use Read and several specialized Motion platform tools (mcp__motion__*) to interact with account data.
  • Sanitization: The skill lacks explicit logic to sanitize or validate the content of transcripts and summaries before presenting them to the model for analysis.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 16, 2026, 01:00 AM