meta-ads
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed as an analytical layer for a specific Meta MCP server. It follows best practices by requiring user confirmation before performing mutation operations like updating budgets or pausing campaigns.
- [PROMPT_INJECTION]: The skill ingests untrusted data from the Meta Graph API (e.g., campaign names, ad descriptions) and local persona files. This presents a potential surface for indirect prompt injection where malicious text in an ad account could attempt to influence the agent's logic. However, the instructions emphasize structured data processing and specific heuristic evaluation, which significantly reduces the risk of unintended obedience.
- [DATA_EXFILTRATION]: The skill reads business context and performance metrics to generate insights. It maintains a local baseline file (
account-baseline.json) in the data directory to track anomalies over time. No unauthorized network exfiltration patterns or hardcoded credentials were found.
Audit Metadata