market-intelligence-gather
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE NO_CODE PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill's primary function is to ingest untrusted data from external ad libraries and process it with an LLM, which presents a surface for indirect prompt injection attacks.
  - Ingestion points: Untrusted content is scraped from external websites including Facebook Ad Library, LinkedIn, and other unspecified ad platforms.
  - Boundary markers: Absent. The skill documentation does not provide instructions for the agent to use delimiters or ignore embedded instructions within the scraped ad copy.
  - Capability inventory: The agent performs network requests (scraping), writes to the local filesystem (~/competitor-ads/), and performs natural language analysis on the scraped data.
  - Sanitization: Absent. There is no mention of validating, filtering, or escaping the external content before it is processed by the AI.
- No Code (SAFE): The provided file is a pure Markdown document containing instructions and metadata. It does not include any Python scripts, Node.js packages, or binary executables that could perform malicious actions independently.
Audit Metadata