theme-factory
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Trusted Source (SAFE): The repository anthropics/skills and organization anthropics are explicitly listed as trusted entities in the security policy. Findings associated with references to these sources are downgraded to SAFE/INFO.
- Data Access (SAFE): The skill identifies and reads local theme specifications within its own themes/ directory. No access to sensitive system paths (~/.ssh, ~/.aws) or environment variables was detected.
- Command Execution (SAFE): The skill contains no shell scripts, subprocess calls, or system commands. Its functionality is restricted to providing formatting instructions to the AI agent for document styling.
- Remote Code Execution (SAFE): No remote package installations or piped script executions (e.g., curl | bash) are present. The skill utilizes local markdown and metadata for its operations.
Audit Metadata