evaluate-ad

Pass

Audited by Gen Agent Trust Hub on Jul 4, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill coordinates a structured evaluation of Meta ads using specialized agents for data ingestion, diagnosis, and recommendation. The process is gated by a Critic agent that enforces a multi-dimensional rubric for signal integrity and attribution honesty.\n- [COMMAND_EXECUTION]: The skill uses the bun runtime to execute several local utility scripts for framework maintenance and data logging. These include manifest-sync.ts for metadata indexing and append-loop-result.ts for updating evaluation ledgers.\n- [EXTERNAL_DOWNLOADS]: The skill identifies reputable marketing analytics services (e.g., Meta Ads Manager, Triple Whale, Supermetrics) as potential sources for ad data. No unauthorized remote code execution or suspicious network patterns were detected.\n- [PROMPT_INJECTION]: The skill ingests untrusted performance metrics and processes ad copy artifacts, creating a surface for indirect prompt injection.\n
  • Ingestion points: Metric data is ingested from external exports (CSV/Ads Manager), and ad copy is read from the docs/forsvn/artifacts/ directory.\n
  • Boundary markers: The system utilizes structured markdown templates and a TSV ledger to delimit data.\n
  • Capability inventory: The agent possesses file-writing capabilities and can execute local framework scripts via bun.\n
  • Sanitization: The append-loop-result.ts script validates inputs to prevent TSV injection, and a Critic agent provides a quality and safety gate for all generated artifacts.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 4, 2026, 10:17 PM
Security Audit — agent-trust-hub — evaluate-ad