budget-optimizer
Pass
Audited by Gen Agent Trust Hub on Jun 24, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes several Python scripts locally to analyze metrics and apply budget changes, including
pull_platform_metrics.py,analyze_budgets.py, andapply_budget_changes.py. - [EXTERNAL_DOWNLOADS]: The skill references the author's official GitHub repository and website for documentation. These are verified vendor resources belonging to Synter-Media-AI.
- [PROMPT_INJECTION]: An indirect prompt injection surface is present because the skill processes data from external sources.
- Ingestion points: Performance metrics and campaign metadata are retrieved from external ad platform APIs (e.g., Google, Meta, TikTok) through the
pull_platform_metrics.pyscript and stored inmetrics.json. - Boundary markers: The skill does not define explicit delimiters or instructions to prevent the agent from following commands that might be hidden in campaign names or other external metadata.
- Capability inventory: The skill can read and write local files and has the authority to execute budget modifications on external advertising accounts via
apply_budget_changes.py. - Sanitization: No specific sanitization or validation of the data pulled from external APIs is mentioned in the skill instructions.
Audit Metadata