meta-ads-analyser

Pass

Audited by Gen Agent Trust Hub on Feb 23, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it processes untrusted media assets (Meta ads) that could contain embedded instructions intended to manipulate the AI's analysis results.
    • Ingestion points: Image and video files located in the ~/clawd/output/meta-ads/ directory.
    • Boundary markers: Absent. The analysis process does not include specific delimiters or warnings for the vision models to ignore instructions within the ad content.
    • Capability inventory: The agent can execute shell commands, write to the filesystem, and transmit files via Telegram.
    • Sanitization: Analysis outputs are interpolated into an HTML template without explicit sanitization steps.
  • [COMMAND_EXECUTION]: The skill uses local system utilities sips and ffprobe to extract metadata from files. While these are legitimate tools for the stated purpose, the filenames are derived from external data, requiring the agent to correctly escape paths to prevent command injection.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 23, 2026, 08:46 AM