competitive-ads-extractor
Fail
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: HIGHPROMPT_INJECTIONEXTERNAL_DOWNLOADSNO_CODE
Full Analysis
- Indirect Prompt Injection (HIGH): The skill ingests untrusted data from external ad platforms. Attackers could embed malicious instructions within ads to manipulate the agent's behavior during analysis. Ingestion points: Facebook Ad Library, LinkedIn. Capability: Reasoning and analysis of untrusted text. Sanitization: None provided.
- External Downloads (MEDIUM): The skill is designed to perform network operations to scrape content from non-whitelisted domains like Facebook and LinkedIn.
- Data Exposure (LOW): The skill writes data to the local filesystem (~/competitor-ads/), potentially exposing sensitive information or cluttering the environment.
- No Code (INFO): No executable code files were provided for analysis; assessment is based on the skill's described behavior and intent in the markdown file.
Recommendations
- AI detected serious security threats
Audit Metadata