competitive-ads-extractor
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [NO_CODE]: The skill consists entirely of markdown documentation and instructions with no accompanying Python, Node.js, or other executable scripts.
- [PROMPT_INJECTION]: The skill exhibits a vulnerability surface for indirect prompt injection as it ingests untrusted data from third-party ad libraries.
- Ingestion points: Scraped ad copy and metadata from Facebook Ad Library and LinkedIn.
- Boundary markers: Absent; the skill does not provide delimiters or instructions to ignore commands embedded within the scraped content.
- Capability inventory: The agent is expected to scrape web content, capture screenshots, and write files to the local file system.
- Sanitization: Absent; there is no logic described for sanitizing or validating the ingested ad content before it is analyzed by the agent.
Audit Metadata