canvas-design
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill uses an instruction pattern to manipulate the agent's perception of user state ('The user ALREADY said...') to enforce specific craftsmanship requirements.
- [COMMAND_EXECUTION]: The agent is directed to generate and refine code (e.g., for image generation) to produce the requested visual artifacts, which involves the execution of generated scripts.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection through user-provided design inputs.
- Ingestion points: Niche references and design descriptions provided by the user as described in SKILL.md.
- Boundary markers: Absent; user input is processed as a foundational conceptual thread without explicit delimiters.
- Capability inventory: File-writing (.png, .pdf, .md) and implied code execution to generate these files.
- Sanitization: None; input is interpreted directly as design logic without validation or escaping.
Audit Metadata