The Agent Skills Directory

[COMMAND_EXECUTION]: The skill constructs shell commands to execute local Python scripts (scrape_meta_ads.py and scrape_google_ads.py) using the user-provided <competitor_domain> variable. This poses a potential command injection risk if the domain input is not sanitized prior to shell interpolation.
[PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8c) because it fetches and analyzes content from external, attacker-controlled sources such as competitor landing pages. Ingestion points: Ad copy text from Meta/Google and full-page content fetched in Phase 2. Boundary markers: No delimiters or isolation markers are specified for processing external content. Capability inventory: Execution of local scripts via shell and file system writes for saving reports. Sanitization: There is no evidence of sanitization or filtering of the external data before it is interpreted by the agent.
[EXTERNAL_DOWNLOADS]: The skill performs automated network requests to third-party ad platforms and arbitrary landing page URLs found in advertisements. While necessary for its primary function, these operations involve interacting with untrusted external infrastructure.

competitor-ad-teardown