competitive-ads-extractor
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an Indirect Prompt Injection attack surface.
- Ingestion points: The skill is designed to ingest and process untrusted text and data from external platforms including the Facebook Ad Library and LinkedIn (SKILL.md).
- Boundary markers: The skill does not define specific delimiters or instructions to prevent the agent from following directions potentially embedded within the scraped ad copy.
- Capability inventory: The skill performs network scraping operations and writes analysis reports and screenshots to the local file system at paths like
~/competitor-ads/(SKILL.md). - Sanitization: There is no evidence of sanitization, filtering, or validation of the external ad content before it is processed by the agent's reasoning engine.
Audit Metadata