canvas-course-qc

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill has a vulnerability surface for indirect prompt injection (Category 8) as it processes untrusted data from Canvas courses.
      • Ingestion points: Untrusted data is retrieved from get_course_structure, list_assignments, and get_page_content.
      • Boundary markers: The skill lacks explicit markers or instructions to ignore embedded prompts within the course data.
      • Capability inventory: The skill has the ability to modify course content using the update_module and bulk_update_pages tools.
      • Sanitization: There is no evidence of sanitization or filtering of the content retrieved from the LMS.
  • [COMMAND_EXECUTION]: The skill uses Canvas MCP tools to perform course audits and updates. All operations that change course state, such as publishing items, require explicit user confirmation, which serves as a security control.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 5, 2026, 01:12 PM