theme-factory
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE] (SAFE): Comprehensive analysis of all 11 files (SKILL.md and 10 theme files) revealed no malicious patterns, prompt injection, or data exfiltration vectors.
- [NO_CODE] (SAFE): The skill consists entirely of markdown documentation and design specifications. There are no scripts, binaries, or configuration files that trigger code execution.
- [PROMPT_INJECTION] (LOW): An indirect prompt injection surface exists in the 'Create your Own Theme' feature (Category 8). Evidence: 1. Ingestion point: User-provided descriptions for custom themes in SKILL.md. 2. Boundary markers: Absent. 3. Capability inventory: Agent-directed styling of artifacts (e.g., slides, HTML). 4. Sanitization: Absent. The risk is assessed as LOW because it is limited to the visual styling of documents and does not involve high-privilege capabilities.
Audit Metadata