canvas-design-skill
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Python script (
generate_canvas.py) located within the skill's own directory structure (.shared/canvas-design-skill/scripts/) to generate design templates. This is standard functionality for the skill's purpose. - [PROMPT_INJECTION]: The skill processes user-supplied design patterns to create HTML files, which represents a potential surface for indirect prompt injection or cross-site scripting (XSS).
- Ingestion points: User-provided pattern argument in the execution command.
- Boundary markers: No boundary markers or instructions to ignore embedded commands are present in the command template.
- Capability inventory: The skill is capable of writing generated code to a local file (output.html).
- Sanitization: No explicit sanitization or validation of the input patterns is mentioned in the skill documentation.
Audit Metadata