theme-factory
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): Indirect prompt injection surface detected in the custom theme generation feature. The 'Create your Own Theme' instruction in SKILL.md directs the agent to ingest untrusted user descriptions to generate styling parameters. This surface could be exploited to influence agent behavior if the underlying model is not sufficiently robust against instructions embedded in data.
  * Ingestion points: User-provided descriptions used for generating new themes in SKILL.md.
  * Boundary markers: Absent in the provided instructions.
  * Capability inventory: The skill has the capability to read theme files and apply (write/modify) styling to artifacts like slides, docs, and HTML pages.
  * Sanitization: No input validation or sanitization of user-provided descriptions is mentioned.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or network operations were found in the skill files.
- Remote Code Execution & Dependencies (SAFE): The skill does not include any executable scripts, remote code download patterns, or external package dependencies.
- Obfuscation (SAFE): No base64, zero-width characters, or other obfuscation techniques were detected in the markdown files.
Audit Metadata