google-ads-copy
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted data from external sources and local files that could potentially contain malicious instructions.
- Ingestion points: Reads search term data from Google Ads (search_term_view) and business context from {data_dir}/business-context.json and {data_dir}/personas/{accountId}.json in SKILL.md.
- Boundary markers: The instructions do not define explicit delimiters or warnings to ignore instructions embedded within the ingested search terms or business data.
- Capability inventory: The skill has the capability to execute GAQL queries via runScript and manage ad experiments using tools like createAdVariationExperiment and createExperiment in SKILL.md.
- Sanitization: There is no mention of filtering or sanitizing external search term data before it is incorporated into the ad copy generation process.
- [COMMAND_EXECUTION]: The skill uses a script execution tool to query Google Ads data.
- Evidence: SKILL.md instructs the agent to use runScript with ads.gaqlParallel to perform data analysis on various Google Ads views.
Audit Metadata