canvas-design
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected in the skill's instructions, reference documents, or scripts.
- [EXTERNAL_DOWNLOADS]: The skill references the
anthropics/skillsrepository as a source for design methodologies. This is an informational reference and does not involve the automated download or execution of remote content. - [COMMAND_EXECUTION]: Provides a local Python script (
scripts/generate-palette.py) to assist with color palette generation. The script is self-contained, relies solely on standard Python libraries, and performs no network or sensitive file system operations. - [PROMPT_INJECTION]: The skill establishes an attack surface by processing user-provided design requirements to generate documentation. 1. Ingestion points: User-defined design principles and aesthetic choices in SKILL.md. 2. Boundary markers: None. 3. Capability inventory: Execution of local Python scripts and file creation for markdown documents. 4. Sanitization: None.
Audit Metadata