The Agent Skills Directory

[SAFE]: The skill instructions define a purely analytical workflow. It processes marketing data (CSV, text, or screenshots) provided by the user to perform statistical calculations and budget modeling.
[DATA_EXPOSURE]: The skill handles business performance data (ad spend, ROAS, CPA). While this is sensitive business information, it is handled locally within the agent session. The skill instructs the agent to save the results to a local file (campaign-analysis-[YYYY-MM-DD].md), which is standard behavior for reporting tools.
[PROMPT_INJECTION]: No evidence of malicious instructions, safety bypasses, or system prompt extraction attempts were found in the skill text or metadata.
[REMOTE_CODE_EXECUTION]: The skill does not download external scripts, install packages, or use dynamic execution functions like eval() or exec(). It specifies that no external tools are needed.
[INDIRECT_PROMPT_INJECTION]: The skill has a surface for indirect injection because it ingests external data (CSV exports). However, the risk is negligible as the skill lacks high-privilege capabilities like network access or arbitrary command execution that could be exploited by such an injection.

ad-campaign-analyzer