canvas-bulk-grading

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches student submissions and attachments from Canvas (see "Step 2: List Submissions" and Strategy C's execute_typescript example that inspects submission.attachments like .ipynb files) and expects the agent/code to read and act on that user-generated content to decide grades, so untrusted third-party content can materially influence actions.