ads-create
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through the ingestion of untrusted data.
- Ingestion points: Reads
brand-profile.jsonandADS-AUDIT-REPORT.md(or*-audit-results.md) from the local directory in Step 1 and Step 2. - Boundary markers: Does not utilize explicit boundary markers or delimiters to separate ingested file content from agent instructions.
- Capability inventory: Uses the
tasktool to spawncreative-strategistandcopy-writeragents and writes output tocampaign-brief.md. - Sanitization: Lacks explicit sanitization or verification of the content within the ingested markdown and JSON files.
Audit Metadata