canvas-lms
Warn
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION)
Full Analysis
- [Remote Code Execution] (MEDIUM): The skill instructs the user to execute an unverified third-party package using npx @imazhar101/mcp-canvas-server. This downloads and executes code from an external source not included in the trusted organizations list.
- [External Downloads] (MEDIUM): Linux installation instructions utilize a high-risk pattern: curl -fsSL https://deb.nodesource.com/setup_lts.x | sudo -E bash -. Piped remote script execution to a root shell is a security anti-pattern, even when originating from known infrastructure providers like NodeSource.
- [Indirect Prompt Injection] (LOW): The skill ingests untrusted data from Canvas LMS (course modules, front pages, and assignments) which could contain malicious instructions. The skill lacks explicit boundary markers or sanitization steps to protect the agent from interpreting this data as commands.
  - Ingestion points: SKILL.md (via the mcp__canvas-mcp__list_modules, mcp__canvas-mcp__get_course_front_page, and mcp__canvas-mcp__list_assignments tools).
  - Boundary markers: Absent.
  - Capability inventory: Local command execution (node, claude mcp, curl).
  - Sanitization: Absent.
Audit Metadata