Skills
skills/jeremylongshore/claude-code-plugins-plus-skills/canva-core-workflow-b/Gen Agent Trust Hub

canva-core-workflow-b

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill exclusively communicates with official Canva domains (api.canva.com) using standard authentication patterns.
  • [COMMAND_EXECUTION]: The skill uses readFileSync to read local files for the purpose of uploading them to Canva as design assets. This is a functional requirement for the skill's primary purpose.
  • [EXTERNAL_DOWNLOADS]: The skill supports uploading assets via URL, which utilizes Canva's backend to fetch content from external sources.
  • [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface as it processes template metadata and field names from the Canva API and interpolates user-provided text into design fields.
  • Ingestion points: Canva API responses from /brand-templates and /dataset endpoints, as well as user-supplied text for autofilling templates.
  • Boundary markers: Not present.
  • Capability inventory: Local file reading, network request capability to Canva APIs, and restricted shell access (npm).
  • Sanitization: None observed; the skill relies on the underlying agent's handling of data strings.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 12:01 AM
Security Audit — agent-trust-hub — canva-core-workflow-b