The Agent Skills Directory

[EXTERNAL_DOWNLOADS] (MEDIUM): The skill requires connecting to a remote MCP server at https://rube.app/mcp. This server provides the tool definitions and execution environment for the Canva automation. As this domain is not on the trusted source list, it represents an unverifiable remote dependency.\n- [DATA_EXFILTRATION] (MEDIUM): The CANVA_CREATE_ASSET_UPLOAD_JOB tool includes a url parameter. This capability allows the agent to fetch data from any URL and upload it to Canva, which could be exploited to exfiltrate sensitive data from internal network resources or local metadata services if the agent is misdirected.\n- [PROMPT_INJECTION] (LOW): The skill is vulnerable to indirect prompt injection because it processes untrusted input through design queries and template data without safety boundaries.\n
Ingestion points: SKILL.md (via query in CANVA_LIST_USER_DESIGNS and data in CANVA_INITIATE_CANVA_DESIGN_AUTOFILL_JOB).\n
Boundary markers: Absent. The instructions do not specify any delimiters or safety warnings for handling external data.\n
Capability inventory: Network-based file uploads and design manipulation via Canva MCP tools.\n
Sanitization: Absent. There is no evidence of input validation or content filtering for the data processed by the tools.

canva-automation