theme-factory
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The skill contains only standard instructional language for theme application and does not attempt to override agent safety protocols or system prompts.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file paths, or network operations (such as curl or fetch) are present in the skill definition.
- [Remote Code Execution] (SAFE): There are no patterns involving the download or execution of external scripts, and no package dependencies are defined.
- [Obfuscation] (SAFE): All text is provided in clear markdown with no evidence of Base64 encoding, zero-width characters, or other hidden content.
- [Indirect Prompt Injection] (LOW): The skill allows for dynamic theme generation based on user input, which is a standard feature; however, it lacks the necessary capabilities (such as file-writing or network access) to be used as a vector for malicious behavior.
Audit Metadata