canva-policy-guardrails
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is focused on improving security posture. It provides templates for ESLint rules, pre-commit hooks, and CI workflows designed to detect hardcoded credentials and ensure proper error handling for Canva API calls.
- [CREDENTIALS_UNSAFE]: The skill contains regular expressions used for detecting credentials (e.g., prefixes like 'cnvat_' and 'OCA'). These are used defensively to prevent secret leakage in codebase and do not represent hardcoded secrets themselves.
- [EXTERNAL_DOWNLOADS]: The skill references official documentation for ESLint, Pre-commit, and Canva. These are well-known, trusted resources.
- [COMMAND_EXECUTION]: Provides Bash-based pre-commit hooks and CI scripts. These are standard implementation patterns for policy enforcement and do not contain malicious payloads or exfiltration logic.
Audit Metadata