theme-factory
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, NO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The 'Create your Own Theme' feature allows users to provide descriptions that guide the generation of new themes, creating an ingestion point for untrusted data. (1) Ingestion Point: User-provided theme descriptions in SKILL.md. (2) Boundary markers: Absent. (3) Capability inventory: Modification of document styling (hex codes and fonts) based on generated themes. (4) Sanitization: Absent. Risk is mitigated by the restricted capability tier, as the agent is only authorized to modify visual styling attributes rather than executing content or accessing sensitive files.
- External Downloads (INFO): SKILL.md instructs the agent to display a 'theme-showcase.pdf' which is not included in the provided file set. Following the [TRUST-SCOPE-RULE], this reference to a missing file from a trusted organization (anthropics) is categorized as low-risk/INFO.
- No Code (SAFE): Verification of the package confirms it is composed entirely of markdown documentation. There are no Python scripts, Node.js packages, binary executables, or network-bound exfiltration patterns present.
Audit Metadata