Canva

Security checks across malware telemetry and agentic risk

Overview

This appears to be a coherent Canva API skill with a minor documentation mismatch, not evidence of harmful behavior.

Install this if you intend to use Canva asset-upload workflows. Be aware that one status-check action may be described too cautiously as write-changing, so review Canva-mutating actions separately and confirm before creating, updating, or deleting Canva content.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Intent-Code Divergence

Medium

Confidence: 96% confidence
Finding: The action description indicates a read-only operation that retrieves upload-job status and metadata, but the guidance labels it as a write action that changes Canva state. This mismatch can mislead an agent or operator into applying the wrong trust and confirmation model, potentially causing incorrect workflow decisions, unnecessary user friction, or unsafe assumptions about adjacent actions.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal