The Agent Skills Directory

[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted campaign data from third-party platforms without explicit isolation or sanitization steps.
Ingestion points: Raw performance data provided by the user via CSV, pasted text, or screenshots (SKILL.md).
Boundary markers: Absent; there are no instructions to the agent to treat ad titles, keyword names, or other campaign data as untrusted content or to ignore embedded instructions.
Capability inventory: The skill instructs the agent to write formatted diagnostic reports to the local filesystem (SKILL.md).
Sanitization: Absent; no data validation, escaping, or filtering mechanisms are defined before the ingested content is analyzed and reported.

ad-campaign-analyzer