canva-translate-design

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches text from user/third-party Canva designs (via extracting a design ID from a provided URL or using Canva:start-editing-transaction after search), and the agent reads and translates that untrusted, user-generated content which is then used to drive editing operations—allowing injected instructions in the design text to influence behavior.