canvas-generate
Warn
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: MEDIUMCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill constructs and executes shell commands using
python3for template instantiation and layout application (e.g.,python3 scripts/canvas_template.py [archetype] [output_path] --param title="[topic]"). Since parts of these commands, such as[topic]and[archetype], are derived directly from user descriptions, there is a risk of command injection if the input contains shell metacharacters like semicolons, backticks, or pipes. - [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted user descriptions (Step 1) and passes this data to downstream agents (
canvas-composerandcanvas-media) in Step 4. While the skill includes a 'Quality Gate' (Step 7) to check for placeholder strings, it lacks explicit instructions to sanitize user input for malicious instructions that could influence the behavior of the parallel agents or the final output content. - [DYNAMIC_EXECUTION]: The workflow involves generating parameters and executing scripts at runtime based on the detected 'archetype' and planned 'node count'. This dynamic assembly of execution parameters increases the attack surface if the mapping logic or the underlying scripts do not strictly validate the input variables.
Audit Metadata