canvas-design
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- PROMPT_INJECTION (SAFE): The skill contains no attempts to override system prompts, bypass safety filters, or extract underlying instructions. The language is purely creative and instructional.
- DATA_EXFILTRATION (SAFE): There are no hardcoded credentials (API keys, tokens), sensitive file paths, or network operations (curl, wget, fetch) detected.
- REMOTE_CODE_EXECUTION (SAFE): No external packages or remote scripts are downloaded or executed. The skill does not reference any package managers or remote URLs.
- OBFUSCATION (SAFE): No Base64, zero-width characters, homoglyphs, or encoded strings were found.
- INDIRECT_PROMPT_INJECTION (SAFE): The skill acts as a set of stylistic rules for the AI. While it processes user descriptions for art, it does not ingest untrusted external data formats or provide high-risk tool capabilities that could be exploited through input.
Audit Metadata