meta-ads-campaign-builder
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it instructs the agent to process untrusted data from external sources.\n
- Ingestion points: The skill gathers external data from product URLs, landing pages, and competitor names during the 'Intake' (Phase 0) and 'Audience Strategy' (Phase 2A) stages.\n
- Boundary markers: There are no instructions or delimiters provided to tell the agent to ignore potential commands embedded within the external content it researches.\n
- Capability inventory: The agent uses the
web_searchtool and has the ability to write files to the local file system (saving plans to theclients/directory).\n - Sanitization: The skill does not define any validation or sanitization steps for the data retrieved from external URLs before it is processed by the AI.
Audit Metadata