canvas-data-fetching

[Skill Scanner] Download or install from free hosting/deployment platform detected This skill is documentation for a data-fetching integration that legitimately requires reading environment variables and making direct HTTP requests to the configured Drupal JSON:API endpoint. There is no evidence of malicious code, obfuscation, credential harvesting, or third-party proxying in the provided content. The primary security consideration is trust in the configured CANVAS_SITE_URL (an attacker-controlled URL would legitimate cause components to load attacker-provided content). Otherwise the behavior is consistent with the stated purpose. LLM verification: This SKILL.md is documentation plus example code for fetching Drupal JSON:API content using SWR. It is coherent with its stated purpose: environment checks, building queries, and rendering content. No evidence of obfuscation, hardcoded secrets, credential harvesting, third-party proxying, dynamic code execution, or other malicious behaviors is present in the provided content. The static scanner flags are context-appropriate false positives (link to SWR docs and mention of reading .env). Recommen