theme-factory
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTIONNO_CODE
Full Analysis
- PROMPT_INJECTION (LOW): Potential for Indirect Prompt Injection as the skill processes external artifacts and user descriptions. 1. Ingestion points: Artifact content (slides, docs, HTML) and user-provided descriptions for custom theme generation. 2. Boundary markers: Absent; no specific delimiters are defined to isolate untrusted data from the agent's instructions. 3. Capability inventory: Reading local files (theme-showcase.pdf, themes/*) and applying styling modifications to artifacts. 4. Sanitization: None specified.
- NO_CODE (INFO): The skill contains only natural language instructions in markdown format and lacks any executable scripts or code files.
Audit Metadata