canvas-component-upload
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references the '@drupal-canvas/cli' package on the official NPM registry and provides documentation links to Drupal's official Git infrastructure (git.drupalcode.org).
- [COMMAND_EXECUTION]: The skill uses 'npx' to execute the 'canvas upload' command, which is the primary intended functionality for interacting with the Drupal Canvas service.
- [EXTERNAL_DOWNLOADS]: Use of 'npx' naturally involves fetching or verifying packages from the NPM registry at runtime, which is consistent with the skill's stated purpose of using the Drupal Canvas CLI.
Audit Metadata