vscode-theme

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [Indirect Prompt Injection] (MEDIUM): The skill ingests untrusted user input (theme names, color preferences) and uses them to generate configuration files and execute shell commands.
      • Ingestion points: Step 1 (Gathering theme requirements).
      • Boundary markers: None present in the instructions.
      • Capability inventory: Executes "node" for building/packaging and "code --install-extension" for modifying the IDE environment.
      • Sanitization: Not explicitly documented in the skill instructions; relies on the internal logic of theme-builder.js.
  • [External Downloads] (LOW): The skill requires the installation of the @vscode/vsce package via npm.
      • [TRUST-SCOPE-RULE]: This is downgraded to LOW as @vscode is a trusted organization representing official Visual Studio Code tools.
  • [Metadata Poisoning] (INFO): An automated scanner flagged list.ac as a malicious URL. This is a false positive. The string occurs within the VSCode theme property list.activeSelectionBackground in the parts/colors-ui.json documentation section.
  • [Dynamic Execution] (MEDIUM): The skill dynamically generates a .vsix extension file and installs it into the user's VSCode instance. While this is the stated purpose of the skill, the ability to inject code into the IDE via extensions is a significant capability that should be used with caution.
Recommendations
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 06:13 AM