ad-copy-generator
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
curlto interact with the Meta Graph API. These commands are used to fetch ad account insights, creative IDs, and asset specifications to inform the copy generation process. - [EXTERNAL_DOWNLOADS]: Data is retrieved from
graph.facebook.com, which is a well-known service. The fetched information includes performance metrics (CTR, impressions) and existing ad creative data. - [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it processes external data from the Meta API and brand files within the local workspace. While these sources could contain untrusted content, the skill uses the data as context for creative writing rather than executable instructions, and the interactions are limited to a well-known service.
Audit Metadata