canvas-week-plan
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection from untrusted external data retrieved via the Canvas platform.
  - Ingestion points: Assignment instructions, rubrics, and peer review text fetched using the get_assignment_details and get_my_peer_reviews_todo tools as described in SKILL.md.
  - Boundary markers: No delimiters or explicit instructions to ignore embedded commands are present to isolate the external data from the agent's task logic.
  - Capability inventory: The skill performs data retrieval using multiple MCP tools (get_my_upcoming_assignments, get_my_submission_status, get_my_course_grades, get_my_peer_reviews_todo, and get_assignment_details) and formats this data for the user.
  - Sanitization: There is no evidence of sanitization, filtering, or validation of the content retrieved from Canvas before it is processed.
Audit Metadata