canvas-design
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill uses narrative framing in the 'FINAL STEP' section, claiming 'The user ALREADY said...' to simulate a specific conversational state. This is a common prompt engineering technique to override default agent behaviors and force compliance with specific quality constraints.
- [EXTERNAL_DOWNLOADS]: The instructions explicitly tell the agent to 'Download and use whatever fonts are needed to make this a reality,' which encourages the agent to fetch files from remote, unspecified, and potentially untrusted sources.
- [INDIRECT_PROMPT_INJECTION]: The skill is designed to deduce 'subtle' or 'niche' references from user input to incorporate into the design philosophy. This creates an attack surface where instructions embedded in user-provided concepts could influence the agent's logic during the deduction phase.
Audit Metadata