competitive-ads-extractor
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [NO_CODE]: The provided skill consists entirely of markdown documentation and usage examples. No executable scripts, binaries, or configuration files that could trigger automated code execution were detected.
- [PROMPT_INJECTION]: The skill describes a workflow that ingests untrusted data from external sources (Facebook and LinkedIn Ad Libraries), creating a surface for indirect prompt injection.
- Ingestion points: Data is pulled from third-party competitor advertisements on social media platforms.
- Boundary markers: The skill lacks explicit instructions or delimiters to isolate scraped content or warn the agent against following instructions embedded within processed ad copy.
- Capability inventory: The described workflow includes network operations (web scraping) and local file system writes (saving screenshots and analysis to
~/competitor-ads/). - Sanitization: No methods for sanitizing or validating external content are described before the data is processed for analysis.
Audit Metadata