The Agent Skills Directory

[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data from external ad platforms and user-provided asset links.
Ingestion points: The analyze_search_terms tool retrieves raw search query data from Google Ads, and tools like help_user_upload process content from user-provided URLs (Google Drive, S3, Dropbox).
Boundary markers: The skill documentation does not define specific delimiters or instructions to ignore embedded commands within the retrieved data.
Capability inventory: The skill has high-impact capabilities including create_search_campaign, update_budget, and add_keywords which could be manipulated if an injection occurs.
Sanitization: No explicit sanitization or validation logic is described for the ingestion of search term strings or metadata from external files.
[EXTERNAL_DOWNLOADS]: The skill setup requires the download and installation of the openclaw-adspirer Node.js plugin. It also establishes network connections to mcp.adspirer.com and www.adspirer.com to facilitate ad platform integrations.
[COMMAND_EXECUTION]: The documentation directs users to execute shell commands for plugin installation and account authentication (openclaw plugins install openclaw-adspirer, openclaw adspirer login).

ai-ads-agent