canvas-design
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The core logic of the skill is dedicated to creative visual design and documentation. It guides the agent through an iterative process to ensure high-quality output.
- [EXTERNAL_DOWNLOADS]: The skill instructions advise the agent to 'Download and use whatever fonts are needed'. This is a functional requirement for the design task and does not provide malicious URLs or execute remote code.
- [COMMAND_EXECUTION]: The instructions refer to the agent's internal capabilities for generating code or calling functions to draw shapes and create files (PDF/PNG). This represents the primary intended use case for the skill.
- [PROMPT_INJECTION]: The 'FINAL STEP' section uses a simulated user feedback prompt ('The user ALREADY said...') to trick the agent into a refinement loop for better quality. While this is a form of instruction manipulation, it is used for creative optimization rather than bypassing safety filters or security constraints.
- [NO_CODE]: Aside from instructional prompts and font licenses, no executable scripts or system-level code are included in the skill package.
Audit Metadata