google-ads
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill follows secure design principles, using local workspace storage and human-in-the-loop checkpoints for all actionable changes.
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted search term and landing page data. 1. Ingestion points: Search term reports and landing pages accessed via google-ads-mcp and browser/fetch. 2. Boundary markers: Not explicitly instructed. 3. Capability inventory: Writes analysis to workspace/ads/ and executes account modifications through google-ads-mcp. 4. Sanitization: No explicit sanitization or escaping of search queries is mentioned in the prompts. This constitutes a potential attack surface, but is mitigated by the mandatory manual review of all drafts.
Audit Metadata