ads-audit
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from advertising account exports (e.g., Search Terms Reports, Campaign Manager exports) without explicitly defined boundary markers or sanitization procedures.
- Ingestion points: SKILL.md defines data collection from Google Ads exports, Meta Ads Manager exports, and LinkedIn Campaign Manager exports.
- Boundary markers: Absent; the instructions do not specify delimiters or warnings to ignore embedded instructions within the processed data.
- Capability inventory: The skill performs file writing (generating .md reports) and delegates tasks to subagents like
audit-googleandaudit-meta. - Sanitization: Absent; there is no mention of filtering or escaping external content before analysis.
- [DATA_EXFILTRATION]: While the skill requests sensitive advertising data and API access, it does not contain any network operations or commands to send this data to external or non-whitelisted domains. The data usage is consistent with the primary purpose of auditing accounts.
Audit Metadata