Embed C2PA (Content Authenticity Initiative) provenance manifests in AI-generated marketing assets (image/video/audio/PDF). Use when: preparing AI-generated ad creative, social images, or video for EU markets to comply with EU AI Act Article 50 (applicable 2 Aug 2026); embedding visible AI-generation disclosure in assets; meeting brand-trust transparency requirements.
git clone https://github.com/indranilbanerjee/digital-marketing-pro.git--- name: c2pa-metadata description: "Embed C2PA (Content Authenticity Initiative) provenance manifests in AI-generated marketing assets (image/video/audio/PDF). Use when: preparing AI-generated ad creative, social images, or video for EU markets to comply with EU AI Act Article 50 (applicable 2 Aug 2026); embedding visible AI-generation disclosure in assets; meeting brand-trust transparency requirements." --- # /digital-marketing-pro:c2pa-metadata — Embed Content Authenticity Provenance ## Purpose Wraps `scripts/embed-c2pa.py` to add a **C2PA (Coalition for Content Provenance and Authenticity) manifest** to any AI-generated marketing asset. The manifest carries a machine-readable provenance trail (who generated it, what generator was used, what prompt produced it, when it was reviewed) plus a visible AI-generation claim in the IPTC digital-source-type vocabulary. This is the technical mechanism brands use to comply with: - **EU AI Act Article 50** (applicable 2 August 2026) — generative-AI marketing content must be marked in a machine-readable format using open, interoperable standards. C2PA is the emerging backbone. Penalty for non-compliance: up to **€15 million or 3% global annual turnover**. - **NY synthetic-performer disclosure law** (effective June 2026) — $1K–$5K per violation, $10K repeat; applies to synthetic influencers and AI-generated endorsements. - **FTC May 2026 endorsement guidance** — covers AI testimonials and synthetic creator content. - **Australia Online Safety Act / UK Online Safety Act** — emerging deepfake disclosure requirements. The resulting asset can be inspected by any C2PA-aware viewer (Adobe Photoshop, Lightroom, Truepic, [contentcredentials.org/verify](https://contentcredentials.org/verify)). ### C2PA spec versions to be aware of (June 2026) - **Content Credentials 2.3** (released 9 February 2026 — [launch post](https://c2pa.org/the-c2pa-launches-content-credentials-2-3-and-celebrates-5-years-of-impact-across-the-digital-ecosystem/)) added format support for: **live video** (broadcast/streaming), **plain text documents**, **OGG Vorbis audio**, **large AVI video files**, and **EXIF Original Preservation Images**. If a brand is signing live-stream video or text-based assets for the first time, 2.3 is the floor version to target. - **C2PA Spec 2.4** (April 2026 — [spec.c2pa.org/specifications/specifications/2.4](https://spec.c2pa.org/specifications/specifications/2.4/specs/C2PA_Specification.html)) introduces the **AI Disclosure Assertion (`c2pa.ai-disclosure`)** for machine-readable AI transparency info — this is the assertion the EU AI Act Article 50 deployer pathway will rely on. The Code of Practice WG1 (providers) and WG2 (deployers) draft guidance both reference C2PA-style assertions as the canonical machine-readable marking mechanism. See `skills/context-engine/eu-code-of-practice.md` for the full Article 50 context. - The **C2PA Trust List** is now handled via the public C2PA Conformance Program (any CA meeting the Certificate Policy can join). Production signing certificates should come from a Conformance-Program-listed CA, not an ad-hoc cert. **For DMP outputs**: when the underlying `embed-c2pa.py` script supports `--ai-disclosure` (or you're piping through a C2PA SDK ≥ 0.36 that handles 2.4), include the `c2pa.ai-disclosure` assertion alongside the existing IPTC digital-source-type claim. The combination gives you both human-readable (IPTC) and machine-readable (c2pa.ai-disclosure) Article 50 signaling. ## When to invoke - Right after any AI image / video / audio generation step in the engagement workflow (Part 11 — AI Creative Instructions output) - Before handing a generated asset to the design team for review - As a pre-publish gate in `/digital-marketing-pro:check` for EU-targeted assets - Bulk-applying to a backlog of AI-generated assets before EU AI Act enforcement on 2 Aug 2026 ## Quick examples ```bash # Single asset — image generated by Vertex AI / Nano Banana Pro /digital-marketing-pro:c2pa-metadata \ --input assets/q3-launch-hero.png \ --output assets/signed/q3-launch-hero.png \ --brand "Acme Corp" \ --generator "Vertex AI / Nano Banana Pro" \ --ai-claim ai-generated-content \ --prompt "minimalist product hero shot, soft natural lighting" # Video with human review tracked /digital-marketing-pro:c2pa-metadata \ --input campaigns/launch-video-v3.mp4 \ --output campaigns/signed/launch-video-v3.mp4 \ --brand "Acme Corp" \ --generator "Runway Gen-4" \ --ai-claim ai-generated-content \ --reviewer "Jane Smith" # Human-created image with AI-assisted edits /digital-marketing-pro:c2pa-metadata \ --input assets/founder-headshot-edited.jpg \ --output assets/signed/founder-headshot-edited.jpg \ --brand "Acme Corp" \ --generator "Adobe Generative Fill" \ --ai-claim ai-assisted-edits # Production sign with a real C2PA signing certificate /digital-marketing-pro:c2pa-metadata \ --input assets/q3-launch-hero.png \ --output assets/signed/q3-launch-hero.png \ --brand "Acme Corp" \ --generator "Vertex AI / Nano Banana Pro" \ --ai-claim ai-generated-content \ --signing-cert /secure/c2pa-prod-cert.pem \ --signing-key /secure/c2pa-prod-key.pem ``` ## AI claim values (IPTC digital source type) | Value | When to use | Maps to IPTC URI | |---|---|---| | `ai-generated-content` | Asset fully generated by AI | `algorithmicMedia` | | `ai-assisted-edits` | Human-created + AI-edited (e.g. Generative Fill) | `compositeWithTrainedAlgorithmicMedia` | | `ai-no-substantive-changes` | AI used (e.g. upscaling) but no semantic change | `minorHumanEdits` | The IPTC vocabulary is what EU AI Act regulators reference — using these values rather than ad-hoc strings makes the asset interoperable with the Article 50 enforcement tooling. ## Supported asset formats `.png` · `.jpg/.jpeg` · `.webp` · `.gif` · `.tiff` · `.mp4` · `.mov` · `.webm` · `.mp3` · `.wav` · `.pdf` ## Signing certificate Production C2PA signatures require a certificate from a CAI-recognized signing authority. The script will use one if you pass `--signing-cert` and `--signing-key`. If you omit them, the script generates a **self-signed 90-day dev certificate** for development testing only — a self-signed asset will verify as "signature present but signer not in trust list" at [contentcredentials.org/verify](https://contentcredentials.org/verify). For production deployment: 1. Obtain a C2PA-compatible signing certificate from a CAI-recognized authority (Adobe, Truepic, Numbers Protocol, Microsoft Azure Confidential Ledger). 2. Store the cert + key securely (do NOT commit to git; use an environment-variable path or secret store). 3. Pass `--signing-cert` and `--signing-key` on every production invocation. Reference: [opensource.contentauthenticity.org/docs/manifest/signing-manifests/](https://opensource.contentauthenticity.org/docs/manifest/signing-manifests/) ## Python dependencies - `c2pa-python>=0.5.0` — auto-installed on first run via `pip install` - `cryptography` — only needed for the dev self-signed cert path; auto-installed if missing Both are part of the plugin's **Full mode** (~50 MB) — see `pip install -r scripts/requirements.txt` in the README. ## Output The script prints a JSON status report to stdout: ```json { "status": "success", "input": "assets/q3-launch-hero.png", "output": "assets/signed/q3-launch-hero.png", "size_bytes": 482371, "brand": "Acme Corp", "generator": "Vertex AI / Nano Banana Pro", "ai_claim": "ai-generated-content", "created": "2026-05-16T10:30:00+00:00", "manifest_assertions": ["c2pa.actions", "stds.schema-org.CreativeWork"], "using_dev_cert": false, "verify_url": "https://contentcredentials.org/verify" } ``` ## Integration with the engagement workflow In a full 12-part engagement, this skill plugs in at **Part 11 — AI Creative Instructions output**. After a creative brief is rendered as an actual asset (in SocialForge or a manual creative process), the resulting file passes through `c2pa-metadata` before being checked in to `engagements/<slug>/11-creative-briefs/signed/`. The `/digital-marketing-pro:check` pre-publish gate should also verify that all AI-generated assets in an EU-targeted campaign carry a C2PA manifest. v3.4 adds this verification to the EU jurisdiction rule pack in `skills/context-engine/compliance-rules.md`. ## Related - `/digital-marketing-pro:check` — pre-publish quality gate (now verifies C2PA manifest on AI assets for EU campaigns) - `skills/context-engine/compliance-rules.md` — EU AI Act Article 50 rule pack - `skills/influencer-creator/ftc-compliance.md` — FTC May 2026 endorsement guidance - [C2PA spec v1.3](https://c2pa.org/specifications/specifications/1.3/index.html) - [Content Authenticity Initiative](https://contentauthenticity.org/)
No install command available. Check the GitHub repository for manual installation instructions.
git clone https://github.com/indranilbanerjee/digital-marketing-pro/tree/main/skills/c2pa-metadataCopy the install command above and run it in your terminal.
Launch Claude Code, Cursor, or your preferred AI coding agent.
Use the prompt template or examples below to test the skill.
Adapt the skill to your specific use case and workflow.
Generate a C2PA provenance manifest for the AI-generated marketing asset '[FILE_NAME]' created for [COMPANY] in [INDUSTRY]. Include: 1) Creator details (AI tool/model used, e.g., 'DALL-E 3'), 2) Generation timestamp, 3) AI disclosure statement (e.g., 'This image was AI-generated'), 4) [COMPANY] brand attribution, 5) Edits/transformations applied (if any). Export as a C2PA JSON-LD manifest file named '[FILE_NAME]_c2pa.json'.
# C2PA Provenance Manifest for 'summer_campaign_ad.jpg'
**Creator Information:**
- Tool: DALL-E 3
- Model Version: 3.0
- Generation Timestamp: 2024-05-15T14:30:00Z
- AI Disclosure: "This image was AI-generated using DALL-E 3 for [CompanyName]'s summer campaign."
**Company Attribution:**
- Brand: EcoStyle Apparel
- Campaign: "Sustainable Summer 2024"
**Transformations Applied:**
1. Upscaled resolution from 1024x1024 to 2048x2048
2. Color grading adjustment (slightly warmer tones)
3. Added watermark: "AI-Generated"
**Provenance Chain:**
- Source: AI-generated base asset
- Edits: Manual adjustments by [DesignerName], 2024-05-15
**Compliance Notes:**
- EU AI Act Article 50 metadata embedded (applicable 2026)
- Visible AI disclosure included in final asset
**File Format:** C2PA JSON-LD (embedded in final output)
---
```json
{
"@context": "https://c2pa.org/ns/1.0/",
"title": "summer_campaign_ad.jpg",
"generator": {
"name": "DALL-E 3",
"version": "3.0"
},
"claim_generator_info": "DALL-E 3",
"assertions": [
{
"label": "stds",
"data": {
"actions": [
{
"action": "generated",
"timestamp": "2024-05-15T14:30:00Z"
}
]
}
},
{
"label": "c2pa.ai",
"data": {
"prompt": "A vibrant summer advertisement for EcoStyle Apparel's sustainable clothing line...",
"disclosure": "This image was AI-generated using DALL-E 3 for EcoStyle Apparel's summer campaign."
}
}
]
}
```skills-collection
Take a free 3-minute scan and get personalized AI skill recommendations.
Take free scan