Skills
skills/hainrixz/claude-ads/ads-generate/Gen Agent Trust Hub

ads-generate

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted external data which creates a surface for indirect prompt injection.
  • Ingestion points: The skill reads campaign-brief.md and brand-profile.json to generate image prompts and instructions for sub-agents.
  • Boundary markers: No explicit delimiters or boundary markers are defined to isolate the external content from the system instructions.
  • Capability inventory: The skill has the ability to spawn sub-agents (visual-designer, format-adapter), execute commands via the banana-claude CLI, and write generated assets to the local filesystem (./ad-assets/).
  • Sanitization: The instructions do not describe any sanitization, validation, or escaping of the data ingested from the campaign brief before it is processed by the agent or sub-agents.
Audit Metadata
Risk Level
SAFE
Analyzed
May 14, 2026, 08:37 AM
Security Audit — agent-trust-hub — ads-generate