ads-budget
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill identifies business context by processing content from external URLs, which creates an indirect prompt injection surface. Maliciously crafted data on these external sites could attempt to influence the agent's logic or output.
- Ingestion points: Business context detection from external URLs as defined in the execution flow of
SKILL.md. - Boundary markers: Absent; there are no instructions to use delimiters or to ignore embedded commands within the fetched URL content.
- Capability inventory: File system write access to generate and save the
ADS-BUDGET.mdreport. - Sanitization: Absent; the skill does not specify any validation or filtering of content ingested from external sources.
- [COMMAND_EXECUTION]: The skill instructs the agent to create and write a file named
ADS-BUDGET.mdto the local file system. While this is the intended purpose of the skill, it represents a direct interaction with the host environment's file system.
Audit Metadata