canvas-design
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill primarily consists of natural language instructions for artistic creation and standard open-source font licenses. No executable code or suspicious scripts are included.
- [EXTERNAL_DOWNLOADS]: The instructions guide the agent to utilize a local directory of fonts (
./canvas-fonts) and allow for the retrieval of additional fonts if necessary. There are no hardcoded or untrusted URLs provided for these downloads. - [PROMPT_INJECTION]: The skill uses instructional reinforcement techniques (e.g., 'CRITICAL', 'IMPORTANT') and simulated user feedback (e.g., 'It isn't perfect enough') to steer the agent toward higher output quality. These patterns are used for creative refinement and do not attempt to bypass safety filters or override system constraints.
- [COMMAND_EXECUTION]: While the agent is expected to generate file outputs (.pdf, .png), the skill does not contain any direct shell commands or instructions to execute arbitrary code on the host system.
Audit Metadata