brand-research
Pass
Audited by Gen Agent Trust Hub on Jul 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads brand assets (logos, reference photos) from user-provided URLs using the
fetch_asset.pyscript. It also retrieves generated imagery from the well-known FAL AI service viarender_product_shot.py. - [COMMAND_EXECUTION]: The skill requires the agent to execute several local Python scripts included in the package, such as
scaffold_brand.pyfor project setup andverify_pack.pyfor output validation. These scripts perform routine file and directory management. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from the web and ad libraries. 1. Ingestion points: External websites and Meta Ad Library content are read in steps 3 and 4 of the workflow. 2. Boundary markers: The instructions do not define delimiters for external content. 3. Capability inventory: The agent has the ability to write files and perform network requests via the provided scripts. 4. Sanitization: There is no evidence of sanitization or filtering applied to ingested data before it is distilled into the research documents.
Audit Metadata