ads-create

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through the ingestion of untrusted data.
  • Ingestion points: Reads brand-profile.json and ADS-AUDIT-REPORT.md (or *-audit-results.md) from the local directory in Step 1 and Step 2.
  • Boundary markers: Does not utilize explicit boundary markers or delimiters to separate ingested file content from agent instructions.
  • Capability inventory: Uses the task tool to spawn creative-strategist and copy-writer agents and writes output to campaign-brief.md.
  • Sanitization: Lacks explicit sanitization or verification of the content within the ingested markdown and JSON files.
Audit Metadata
Risk Level
SAFE
Analyzed
May 18, 2026, 01:38 PM
Security Audit — agent-trust-hub — ads-create