ad-campaign-analyzer
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to process untrusted data from external sources (Google, Meta, and LinkedIn ad exports), which creates a surface for indirect prompt injection.
- Ingestion points: Phase 0 and Phase 1 specify the ingestion of CSV files, pasted performance tables, and dashboard screenshots (SKILL.md).
- Boundary markers: There are no explicit boundary markers or instructions to the agent to ignore embedded commands within the ingested data.
- Capability inventory: The skill primarily uses reasoning but includes a file-writing instruction to save reports to 'clients//ads/'. It does not explicitly request high-risk tools like shell execution or network access.
- Sanitization: The instructions do not define any sanitization or validation steps for the input data.
- [NO_CODE]: The skill does not contain any executable scripts, binaries, or automated installation steps for third-party packages, relying entirely on the agent's internal reasoning capabilities.
Audit Metadata