competitor-ads-analyst
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Risk. The skill is designed to ingest and analyze untrusted data from external sources (public ad libraries).
- Ingestion points: External ad copy (headlines, primary text, CTA) from Meta, Google, TikTok, and LinkedIn platforms.
- Boundary markers: Absent. The instructions do not specify delimiters or instructions to ignore embedded commands for the external content.
- Capability inventory: The skill performs network reading (to fetch ads) and file writing (to generate reports). No administrative or code execution capabilities were detected across the analyzed files.
- Sanitization: Absent. There is no mention of filtering, escaping, or validating the external ad content before it is processed by the agent.
Audit Metadata