theme-factory
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
NO_CODE
Full Analysis
- NO_CODE (SAFE): The skill contains only Markdown documentation and configuration files. There are no Python scripts, JavaScript files, or binary executables included in the provided file list.
- PROMPT_INJECTION (SAFE): The instructions in SKILL.md provide clear, benign guidance for the agent's task. No patterns suggesting behavior overrides, safety filter bypasses, or 'Ignore previous instructions' were detected.
- DATA_EXFILTRATION (SAFE): No sensitive file paths, credential patterns, or network communication commands (e.g., curl, wget) were found.
- INDIRECT_PROMPT_INJECTION (LOW):
  - Ingestion points: The skill reads local theme files from the themes/ directory and accepts user input for custom theme generation.
  - Boundary markers: Absent in the instructions for processing theme files.
  - Capability inventory: The agent is instructed to read files and 'apply' styles to other artifacts, implying a read/write or formatting capability.
  - Sanitization: Not explicitly mentioned in the skill definition.
  - Risk Assessment: While a theoretical surface for indirect injection exists if a user could provide a malicious theme description, the provided themes are static and the risk is minimal given the intended functionality.
Audit Metadata