ads-creative
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill uses a `WebFetch(url)` operation to retrieve information from external, user-provided websites. Accessing arbitrary URLs can expose the agent to untrusted data or potential server-side request forgery (SSRF) risks.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted content from external URLs without sufficient boundary markers or sanitization to prevent malicious instructions from overriding the agent's logic.
  - Ingestion points: Brand identity, colors, and messaging framework are extracted from external sites via `WebFetch(url)` in Step 1 of `SKILL.md`.
  - Boundary markers: The skill does not implement delimiters or explicit instructions to the agent to disregard potential commands found within the fetched content.
  - Capability inventory: The skill has the capability to write output to a markdown file (`ADS-CREATIVE-BRIEF.md`) based on the data it processes.
  - Sanitization: There is no evidence of content validation or filtering of the retrieved data before it is incorporated into the prompt context.
Audit Metadata