campaign-architect
Pass
Audited by Gen Agent Trust Hub on Jul 7, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted external data provided via CSV or manual exports (e.g., search-terms reports, GA4 traffic exports).
- Ingestion points: Reads campaign reports, search-term reports, and GA4 traffic-acquisition exports provided by the user or fetched via MCP tools.
- Boundary markers: The instructions explicitly mandate treating every exported or fetched file as untrusted input and forbid following instructions embedded in data exports.
- Capability inventory: Capabilities across scripts are limited to file reads, analytical scoring, and writing structural plans to local project memory files. No arbitrary command execution or external network exfiltration logic is present.
- Sanitization: Relies on clear instructional constraints and the implementation of delimiters as specified in referenced security guidelines to prevent the execution of malicious instructions embedded in data.
- [DATA_EXPOSURE_AND_EXFILTRATION]: No hardcoded credentials or unauthorized network exfiltration logic detected. References to advertising APIs (Google Ads, Meta) are restricted to official, read-only platform tools and manual exports. No sensitive file paths are accessed without explicit user context.
- [UNVERIFIABLE_DEPENDENCIES_AND_REMOTE_CODE_EXECUTION]: Does not perform any package installations or remote script executions. It utilizes manual exports and official technology company services for data retrieval.
Audit Metadata