The Agent Skills Directory

[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the brand DNA extraction feature. The /ads dna <url> command crawls external websites to extract brand voice and visual style data, which is then stored in brand-profile.json. This data is subsequently used by the creative-strategist and visual-designer agents to generate campaign copy and images. An attacker could place malicious instructions on a website to influence these downstream AI processes.\n
Ingestion points: External website content is fetched via the ads-dna command as documented in SKILL.md and references/brand-dna-template.md.\n
Boundary markers: There are no specified delimiters or instructions for the agents to ignore potential commands embedded within the extracted website content.\n
Capability inventory: The extracted brand profile influences campaign planning (ads-create) and AI image generation (ads-generate using generate_image.py).\n
Sanitization: The skill lacks mentioned sanitization or validation logic for the content retrieved from external URLs.\n- [EXTERNAL_DOWNLOADS]: The skill documents requirements for several well-known third-party libraries used for image generation tasks. Evidence: openai>=1.75.0, stability-sdk>=0.8.4, replicate>=1.0.4.\n- [COMMAND_EXECUTION]: The skill executes local scripts and orchestrates specialized agents to perform audits and creative generation. Evidence: Usage of generate_image.py for visual asset creation and the Task tool for subagent delegation.

ads