campaign-architect

Pass

Audited by Gen Agent Trust Hub on Jul 7, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted external data provided via CSV or manual exports (e.g., search-terms reports, GA4 traffic exports).
  • Ingestion points: Reads campaign reports, search-term reports, and GA4 traffic-acquisition exports provided by the user or fetched via MCP tools.
  • Boundary markers: The instructions explicitly mandate treating every exported or fetched file as untrusted input and forbid following instructions embedded in data exports.
  • Capability inventory: Capabilities across scripts are limited to file reads, analytical scoring, and writing structural plans to local project memory files. No arbitrary command execution or external network exfiltration logic is present.
  • Sanitization: Relies on clear instructional constraints and the implementation of delimiters as specified in referenced security guidelines to prevent the execution of malicious instructions embedded in data.
  • [DATA_EXPOSURE_AND_EXFILTRATION]: No hardcoded credentials or unauthorized network exfiltration logic detected. References to advertising APIs (Google Ads, Meta) are restricted to official, read-only platform tools and manual exports. No sensitive file paths are accessed without explicit user context.
  • [UNVERIFIABLE_DEPENDENCIES_AND_REMOTE_CODE_EXECUTION]: Does not perform any package installations or remote script executions. It utilizes manual exports and official technology company services for data retrieval.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 7, 2026, 10:02 AM
Security Audit — agent-trust-hub — campaign-architect