canva-webhooks-events
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: Analysis of the skill instructions and code snippets revealed no malicious patterns across all threat categories.
- [DATA_EXPOSURE]: No hardcoded credentials or sensitive file paths were detected. The skill correctly demonstrates using environment variables for sensitive configuration like Redis URLs.
- [REMOTE_CODE_EXECUTION]: The skill uses well-known, reputable libraries (
jose,express,ioredis) and does not involve downloading or executing unverified remote scripts. - [PROMPT_INJECTION]: No evidence of prompt injection, instruction overrides, or safety bypass attempts was found in the documentation or metadata.
- [EXTERNAL_DOWNLOADS]: External references are limited to official documentation (canva.dev) and well-known public repositories (github.com/panva/jose), which are used for legitimate integration purposes.
Audit Metadata