canvas-design
Pass
Audited by Gen Agent Trust Hub on Jun 21, 2026
Risk Level: SAFE; PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill employs a behavioral conditioning technique by claiming the user has already requested a 'masterpiece,' which is used to override default operational constraints and force a specific high-effort output style.
- [EXTERNAL_DOWNLOADS]: The instructions command the agent to 'Download and use whatever fonts are needed,' which involves performing network operations to retrieve assets from unspecified external sources.
- [COMMAND_EXECUTION]: The skill requires the agent to iteratively write and refine code to generate visual artifacts such as .pdf and .png files, representing a surface for dynamic code execution.
- [PROMPT_INJECTION]: The skill processes user-provided conceptual references or 'subtle inputs' as the foundation for design creation. This ingestion point lacks explicit boundary markers or sanitization, creating a surface where embedded instructions in the user's input could influence the agent's file-writing or code-execution tasks.