theme-factory

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE NO_CODE
Full Analysis
  • Indirect Prompt Injection (SAFE): The skill is designed to process user-provided artifacts (documents, slide decks, HTML pages) to apply styling. While this is an ingestion surface for untrusted data, the skill possesses no high-risk capabilities like network access, shell execution, or sensitive file manipulation, which mitigates the impact of potential injection.
      • Ingestion points: User-provided artifacts and slide decks (SKILL.md).
      • Boundary markers: Absent; the skill relies on the agent's internal logic to parse the artifacts.
      • Capability inventory: No executable code is present. The skill's functions are limited to reading local theme files and recommending formatting changes.
      • Sanitization: None provided, though the risk is minimal given the lack of executable logic.
  • No Code (SAFE): The skill consists entirely of Markdown configuration files. There are no Python scripts, Node.js packages, or binary executables, which eliminates the risk of remote code execution or privilege escalation via the skill's own logic.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:13 PM