Skills
skills/canva-sdks/canva-claude-skills/canva-resize-for-all-social-media/Gen Agent Trust Hub

canva-resize-for-all-social-media

Pass

Audited by Gen Agent Trust Hub on Feb 22, 2026

Risk Level: SAFE
Full Analysis
  • SAFE (SAFE): No security issues detected. The skill follows best practices for automated workflows within a constrained tool environment.
  • Indirect Prompt Injection (LOW): The skill processes user-provided design names and URLs. While this presents a theoretical surface for indirect prompt injection (e.g., a design title containing malicious instructions), the impact is limited by the specific toolset (Canva API) and the lack of high-risk capabilities like arbitrary shell execution or broad network access.
  • Ingestion points: User input (design ID/URL/name) and API responses (design titles).
  • Boundary markers: None explicitly defined for interpolated design names.
  • Capability inventory: Limited to get-design, search-designs, resize-design, and export-design tools.
  • Sanitization: None observed for design metadata.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 22, 2026, 06:05 PM