ad-creative
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through the optional
Landing page URLparameter. Ingestion points: Untrusted data enters the agent context from external websites during the message-match process (SKILL.md). Boundary markers: Absent; there are no instructions to delimit the external content or disregard embedded prompts. Capability inventory: The skill uses file-read access for local profiles and network-read access for landing pages. Sanitization: Absent; no validation or filtering of fetched content is performed. - [COMMAND_EXECUTION]: The skill is instructed to read multiple local files from the
~/.claude-marketing/directory, including brand profiles, compliance rules, and SOPs, to establish the necessary context for content generation.
Audit Metadata