ad-creative-builder

Pass

Audited by Gen Agent Trust Hub on Jul 6, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses an attack surface for Indirect Prompt Injection by design.
  • Ingestion points: The skill ingests untrusted data from landing page URLs, CSV file exports, and pasted competitor advertisements as described in SKILL.md.
  • Boundary markers: The skill provides a clear safety instruction to the agent to treat these inputs as untrusted and to never follow instructions embedded within them.
  • Capability inventory: The skill is capable of performing network requests to fetch URL content and writing output to memory files in the memory/ad/ directory.
  • Sanitization: No programmatic content sanitization or structured validation is performed on the ingested external data; it relies on natural language instructions for safety.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 6, 2026, 09:34 AM
Security Audit — agent-trust-hub — ad-creative-builder