paid-ads
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill consists entirely of Markdown documentation and instructions (SKILL.md and reference files). It does not contain any executable scripts, binaries, or code files.- [PROMPT_INJECTION]: The skill defines a surface for indirect prompt injection by instructing the agent to ingest data from external context files.
- Ingestion points: The agent is explicitly told to read ".agents/product-marketing-context.md" or ".claude/product-marketing-context.md" before beginning campaign tasks in SKILL.md.
- Boundary markers: The instructions do not specify any delimiters or safety headers to separate the context file content from the agent's core instructions.
- Capability inventory: The skill is designed to work with integrated tools for Google Ads, Meta Ads, and other platforms, providing the agent with the ability to create, optimize, and manage ad campaigns and budgets.
- Sanitization: No validation or sanitization steps are defined for the ingested context data.
Audit Metadata