ad-creative
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill documentation includes examples of shell commands to interact with advertising platform CLIs (e.g., node tools/clis/google-ads.js) and media processing tools like ffmpeg.\n- [EXTERNAL_DOWNLOADS]: The skill references and provides instructions for utilizing external AI services from well-known providers such as Google (Gemini, Veo), OpenAI (TTS, Sora), and ElevenLabs. It also suggests the use of 'Voicebox', an open-source tool hosted on GitHub.\n- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection via data processing.\n
- Ingestion points: Untrusted performance data from CSV files and API outputs are processed in SKILL.md.\n
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present.\n
- Capability inventory: The skill possesses shell and network execution capabilities through the use of node scripts and curl.\n
- Sanitization: No input sanitization or validation routines are defined for the ingested data.
Audit Metadata