Skills
skills/canva-sdks/canva-claude-skills/canva-branded-presentation/Snyk

canva-branded-presentation

Warn

Audited by Snyk on Apr 9, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The workflow (SKILL.md, Workflow step 1) explicitly reads user-provided Canva design links or Canva docs via Canva:start-editing-transaction and Canva:search-designs, ingesting third-party user-generated content which the agent uses to drive generation decisions.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 9, 2026, 11:02 AM
Issues
1