cmo-agent
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes user-supplied brand briefs, documents, and URLs to generate campaign content. This creates a surface for indirect prompt injection where malicious instructions could be embedded in the source materials.
- Ingestion points: Intake phase in SKILL.md (URLs, docs, text blocks).
- Boundary markers: The prompts do not include explicit delimiters or instructions to ignore embedded commands within the ingested data.
- Capability inventory: The agent creates directories and writes multiple markdown files to the local file system. It also utilizes ToolSearch to discover and invoke Higgsfield-related visual generation tools.
- Sanitization: No explicit validation or filtering of user-provided text is performed before interpolation into the generation prompts.
- [EXTERNAL_DOWNLOADS]: The skill references the Higgsfield MCP documentation and tools for rendering campaign visuals. This is a reference to a well-known AI visual generation service.
Audit Metadata