theme-factory
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its custom theme generation feature.\n
- Ingestion points: The agent accepts and processes natural language descriptions from the user to generate new styling parameters (SKILL.md).\n
- Boundary markers: Absent. No delimiters or specific instructions are provided to ensure the agent ignores embedded commands within the user's theme descriptions.\n
- Capability inventory: The agent has the capability to modify and apply styling (colors, fonts) to artifacts like slide decks, documents, and HTML pages (SKILL.md).\n
- Sanitization: Absent. There is no evidence of input validation or sanitization before processing the user-provided theme descriptions.\n- [NO_CODE]: The skill contains no executable scripts, binaries, or code files, consisting entirely of markdown-based theme definitions and documentation.
Audit Metadata