marketing-specialist
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through its data-processing workflows.
- Ingestion points: The competitive-ads-extractor scrapes external advertisements from Facebook and LinkedIn; the lead-research-assistant analyzes the user's local codebase and gathers company info from the web.
- Capability inventory: The skill utilizes powerful tools including Read, Write, MultiEdit, WebSearch, and WebFetch.
- Boundary markers: There are no delimiters or 'ignore' instructions provided to the agent to distinguish between its instructions and the data it fetches.
- Sanitization: No sanitization or escaping of external content is specified before the data is interpreted by the agent.
- [EXTERNAL_DOWNLOADS]: The skill frequently interacts with external services to perform its tasks. It uses WebSearch and WebFetch tools to retrieve data from well-known platforms like the Facebook Ad Library and LinkedIn for competitive intelligence gathering.
Audit Metadata