canva

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill calls the public Canva API (https://api.canva.com/rest/v1) to list and fetch user-generated designs, pages, assets and comments (see "List Designs", "Get Design Details", "List Design Pages", "Get Asset Details", and comment endpoints in SKILL.md), so the agent would read arbitrary third-party/user-generated content that could influence subsequent actions.