canva
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill interacts with the Canva API, which returns user-controlled data such as design titles and comments. This represents a potential surface for indirect prompt injection if malicious content is embedded in Canva resources.
  - Ingestion points: API responses from Canva (e.g., design metadata, folder items, asset tags, and comment messages) processed in `SKILL.md`.
  - Boundary markers: No specific delimiters or warnings to ignore instructions within API data are present.
  - Capability inventory: The skill uses `curl` for network operations and `jq` for data parsing; it also writes temporary JSON payloads to `/tmp/canva_request.json`.
  - Sanitization: No explicit sanitization or validation of data retrieved from the API is defined.
- [COMMAND_EXECUTION]: The skill uses standard CLI tools (`curl`, `jq`) to interact with a well-known service (Canva). These operations are restricted to the intended purpose of the skill and do not involve unauthorized command execution or privilege escalation.
Audit Metadata