cmo-advisor
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized network operations were detected in the skill file.
- [SAFE]: The skill references local vendor-owned scripts (e.g., scripts/campaign_analyzer.py) and data files (e.g., leads.csv) for marketing analysis tasks, which is consistent with the skill's stated purpose and author context.
- [SAFE]: All referenced external materials and dependencies point to internal project files or local paths, with no external downloads from untrusted sources.
- [SAFE]: Indirect Prompt Injection analysis: The skill ingests untrusted data via 'leads.csv' and 'topics.yaml' and has capabilities to execute local Python scripts. However, these are documented as standard analytical tools without evidence of unsafe LLM interpolation or malicious redirection.
Audit Metadata