canvas
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes data from external Canvas API endpoints.
  - Ingestion points: Untrusted data enters the agent context through course and assignment listings fetched in `scripts/canvas_api.py` from endpoints like `/api/v1/courses` and `/api/v1/courses/{course_id}/assignments`.
  - Boundary markers: There are no explicit delimiters or instructions provided to the agent to disregard instructions potentially embedded in the fetched data.
  - Capability inventory: The skill has the capability to perform network requests using the `requests` library in `scripts/canvas_api.py`.
  - Sanitization: The script performs basic length control by truncating assignment descriptions to 500 characters, but does not implement security-specific sanitization or filtering of the fetched content.