brand-research

Pass

Audited by Gen Agent Trust Hub on Jul 2, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads brand assets (logos, reference photos) from user-provided URLs using the fetch_asset.py script. It also retrieves generated imagery from the well-known FAL AI service via render_product_shot.py.
  • [COMMAND_EXECUTION]: The skill requires the agent to execute several local Python scripts included in the package, such as scaffold_brand.py for project setup and verify_pack.py for output validation. These scripts perform routine file and directory management.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from the web and ad libraries. 1. Ingestion points: External websites and Meta Ad Library content are read in steps 3 and 4 of the workflow. 2. Boundary markers: The instructions do not define delimiters for external content. 3. Capability inventory: The agent has the ability to write files and perform network requests via the provided scripts. 4. Sanitization: There is no evidence of sanitization or filtering applied to ingested data before it is distilled into the research documents.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 2, 2026, 06:17 AM
Security Audit — agent-trust-hub — brand-research