Skills
skills/agricidaniel/claude-ads/ads-generate/Gen Agent Trust Hub

ads-generate

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it processes untrusted user data and passes it to sub-agents.
  • Ingestion points: The skill reads the contents of campaign-brief.md and brand-profile.json (SKILL.md, Steps 2 & 6).
  • Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands within the ingested files.
  • Capability inventory: The skill spawns the visual-designer and format-adapter agents via the Task tool with context: fork, providing a channel for injected instructions to influence downstream agent behavior.
  • Sanitization: The skill does not describe any validation or escaping of the content read from these files before passing them to the sub-agents.
Audit Metadata
Risk Level
SAFE
Analyzed
May 18, 2026, 01:38 PM
Security Audit — agent-trust-hub — ads-generate