canva-presentation-time-fitting

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly reads visible slide text from a user-provided Canva design (via Canva:get-design-content and Canva:get-design-pages in Steps 4 and 7) and uses that content to generate and write back presenter notes, so arbitrary user-generated/untrusted slide content could influence agent behavior and enable indirect prompt injection.