Skills
skills/agricidaniel/claude-canvas/canvas-template/Gen Agent Trust Hub

canvas-template

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local scripts (scripts/canvas_template.py and scripts/canvas_validate.py) via the python3 interpreter. User-provided data, including the canvas title and various template-specific parameters, is interpolated directly into the shell command strings.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection (Category 8) where malicious instructions could be embedded in the user-provided parameters.
  • Ingestion points: User-provided title and template parameters (e.g., slide_count, step_count) defined in SKILL.md.
  • Boundary markers: The instructions attempt to use double quotes as delimiters (e.g., title="[title]") to wrap user input in the shell command.
  • Capability inventory: The skill has the capability to execute shell commands and write to the local filesystem at the specified output_path as seen in SKILL.md.
  • Sanitization: There is no evidence in the provided SKILL.md of input validation or sanitization to prevent characters like backticks, semicolons, or additional quotes from breaking out of the command string.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 10, 2026, 05:07 PM