ads-meta
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it requires the agent to ingest and process untrusted data from external Meta Ads Manager exports.
- Ingestion points: The skill instructs the agent to "Collect Meta Ads data (Ads Manager export, Events Manager screenshot...)" in step 1 of the Process section in
SKILL.md. - Boundary markers: Absent; there are no instructions for the agent to treat the external data as untrusted or to use specific delimiters to isolate it from the agent's instructions.
- Capability inventory: The skill's primary capabilities involve reading local reference documentation in the
ads/references/directory and generating audit reports. No high-risk shell commands or remote execution tools are explicitly invoked in the analyzed file. - Sanitization: Absent; the skill does not define any procedures for validating or filtering the content of the imported advertising data, allowing potential malicious instructions in campaign fields to be processed as data.
Audit Metadata