skill-amazon-ads
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface. * Ingestion points: Data is fetched from the Amazon Advertising API in scripts/ads.js (lines 52 and 63). * Boundary markers: No delimiters or instructions are used to distinguish retrieved API data from agent commands. * Capability inventory: The script includes file system write access via fs.writeFileSync (line 110) in scripts/ads.js. * Sanitization: There is no evidence of validation or filtering applied to the retrieved API strings before they are presented to the agent.
- [DATA_EXFILTRATION]: The skill reads credentials from a local configuration file (amazon-ads-api.json) and performs network operations to official Amazon domains (api.amazon.com and advertising-api.amazon.com) to authenticate and manage advertising data.
Audit Metadata