canvas-course-builder
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No direct instructions to bypass safety guidelines, reveal system prompts, or override agent behavior were found.
- [PROMPT_INJECTION]: Evaluated the risk of indirect prompt injection as the skill processes external JSON templates and course structure data. This attack surface is mitigated by the skill's design, which requires a manual structure preview and explicit user approval before performing any write operations. 1. Ingestion points: User-provided descriptions, JSON template files, and existing course data retrieved via 'get_course_structure' (SKILL.md). 2. Boundary markers: Mandatory 'Structure Preview' step and explicit 'User Approval' step prior to execution. 3. Capability inventory: Access to Canvas creation tools including 'create_module', 'create_page', 'create_assignment', and 'create_discussion_topic'. 4. Sanitization: Relies on manual human verification of the build plan.
- [SAFE]: No evidence of hardcoded credentials, sensitive file path access, or unauthorized network activity was identified. The skill operates through authorized MCP tool interfaces.
Audit Metadata