ads-competitors
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it fetches and processes content from untrusted third-party websites during analysis. 1. Ingestion points: External website content via WebFetch and search results via WebSearch. 2. Boundary markers: Absent; the instructions do not implement delimiters or warnings to ignore instructions within fetched data. 3. Capability inventory: Use of WebFetch, WebSearch, and local file-writing capabilities (ADS-COMPETITORS.md). 4. Sanitization: No explicit sanitization or filtering of external content is defined.
- [EXTERNAL_DOWNLOADS]: The skill retrieves information from external domains, including competitor sites and well-known platforms like Meta Ad Library and Google Ads Transparency Center, which is consistent with its research purpose.
Audit Metadata