canvas-design
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill expects the agent to use code generation and refinement tools to produce visual artifacts. This is a standard and safe capability for graphic design-focused tasks.
- [EXTERNAL_DOWNLOADS]: The instructions permit the agent to fetch additional font resources from external sources if necessary. The provided license files reference reputable repositories (e.g., Google Fonts, Vercel, JetBrains), which are well-known and safe sources.
- [PROMPT_INJECTION]: The skill uses behavioral priming ('The user ALREADY said...') to enforce a high standard of craftsmanship. This is a stylistic directive rather than an attempt to bypass safety constraints.
- [PROMPT_INJECTION]: The skill manages a data ingestion surface for processing user-defined conceptual themes into artwork. Although it does not specify explicit boundary markers or sanitization, the risk is negligible given the skill's specific output format and creative scope:
- Ingestion points: User input for artistic themes is processed in
the-critical-understanding.mdandessential-principles.md. - Boundary markers: Not explicitly defined.
- Capability inventory: The agent can write files (.md, .pdf, .png) and execute commands to generate imagery.
- Sanitization: Not explicitly defined.
Audit Metadata