competitive-ads-extractor
Warn
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: MEDIUMPROMPT_INJECTIONDATA_EXFILTRATIONNO_CODE
Full Analysis
- [PROMPT_INJECTION] (MEDIUM): Vulnerable to Indirect Prompt Injection. The skill ingests untrusted text from external ad libraries. Ad copy containing malicious instructions could influence the agent's analysis or subsequent actions. 1. Ingestion points: Facebook and LinkedIn Ad Library content. 2. Boundary markers: Absent. 3. Capability inventory: Local file system write access (~/competitor-ads/) and decision-making logic (generating recommendations). 4. Sanitization: None described in documentation.
- [DATA_EXFILTRATION] (LOW): Performs network requests to non-whitelisted domains for scraping purposes.
- [NO_CODE] (INFO): No implementation code provided; analysis is based on documented functionality.
Audit Metadata