theme-factory
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill instructions for generating custom themes and styling external artifacts present an indirect prompt injection surface.
- Ingestion points: User-provided theme descriptions and untrusted artifacts (slides, docs, HTML) as specified in SKILL.md.
- Boundary markers: No delimiters or instructions to ignore embedded commands within processed data are present.
- Capability inventory: The skill relies on agent capabilities to read from and write to file systems to apply theme changes.
- Sanitization: No input validation or content sanitization mechanisms are defined, although the skill includes a human review step for custom themes.
- [NO_CODE]: The skill contains no executable scripts, binaries, or complex automation, relying solely on natural language instructions and markdown configuration files.
- [SAFE]: No hardcoded credentials, malicious network operations, or obfuscated content were detected in the theme definition files or instructions.
Audit Metadata