theme-factory
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface through its custom theme generation functionality.
- Ingestion points: User-provided inputs and descriptions for custom themes enter the agent context via instructions in SKILL.md.
- Boundary markers: Absent; the skill does not define delimiters to separate user data from the generation instructions.
- Capability inventory: The agent is instructed to modify artifact styles (colors and fonts) in slides, documents, and HTML landing pages.
- Sanitization: Absent; there is no mention of validating or escaping user-provided text before it is used in the theme generation process.
Audit Metadata