canvas-design
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: A comprehensive security audit of the skill instructions and associated files found no evidence of malicious intent, credential theft, or unauthorized network operations. The skill's behavior is entirely aligned with its creative purpose.
- [NO_CODE]: This skill consists solely of natural language instructions and text-based license files. It does not include any executable scripts (Python, Node.js, Shell, etc.) that could be used for malicious purposes.
- [PROMPT_INJECTION]: The skill employs a simulated history technique ("The user ALREADY said...") to nudge the AI model into a high-quality creative mode. While this mimics override patterns, it is a benign prompt engineering strategy used here for quality control rather than safety bypass.
- [PROMPT_INJECTION]: The skill provides a surface for indirect prompt injection because it ingests user-provided conceptual threads to generate art. However, the risk is negligible given the restricted nature of the output. 1. Ingestion points: User instructions (SKILL.md). 2. Boundary markers: Absent. 3. Capability inventory: File generation (.md, .pdf, .png) using internal agent tools. 4. Sanitization: Absent.
- [EXTERNAL_DOWNLOADS]: The skill references several open-source font projects (e.g., from well-known sources like Google Fonts, Vercel, and JetBrains) and provides their licenses. The instruction to download fonts is a natural language directive for the creative process and does not involve malicious URLs or automated download scripts.
Audit Metadata