budget-optimizer

Pass

Audited by Gen Agent Trust Hub on Jun 24, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes several Python scripts locally to analyze metrics and apply budget changes, including pull_platform_metrics.py, analyze_budgets.py, and apply_budget_changes.py.
  • [EXTERNAL_DOWNLOADS]: The skill references the author's official GitHub repository and website for documentation. These are verified vendor resources belonging to Synter-Media-AI.
  • [PROMPT_INJECTION]: An indirect prompt injection surface is present because the skill processes data from external sources.
  • Ingestion points: Performance metrics and campaign metadata are retrieved from external ad platform APIs (e.g., Google, Meta, TikTok) through the pull_platform_metrics.py script and stored in metrics.json.
  • Boundary markers: The skill does not define explicit delimiters or instructions to prevent the agent from following commands that might be hidden in campaign names or other external metadata.
  • Capability inventory: The skill can read and write local files and has the authority to execute budget modifications on external advertising accounts via apply_budget_changes.py.
  • Sanitization: No specific sanitization or validation of the data pulled from external APIs is mentioned in the skill instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 24, 2026, 11:12 AM