paid-ads
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists exclusively of markdown files providing strategy, checklists, and templates for performance marketing. No scripts, binaries, or shell commands are included within the skill package.
- [PROMPT_INJECTION]: The skill identifies a potential surface for indirect prompt injection via data ingestion, though it is currently used for legitimate personalization.
- Ingestion points: The agent is instructed in
SKILL.mdto read.claude/product-marketing-context.mdfor product context before proceeding. - Boundary markers: There are no explicit delimiters or instructions provided to the agent to treat the content of the context file as untrusted data.
- Capability inventory: The skill metadata and documentation refer to capabilities for managing high-value ad platform accounts (Google Ads, Meta, LinkedIn, etc.) via external MCP tools.
- Sanitization: The skill does not define any validation or sanitization routines for the content of the context file.
Audit Metadata