theme-factory

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFE PROMPT_INJECTION NO_CODE
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection via the 'Create your Own Theme' functionality. It directs the agent to ingest untrusted user input to generate new theme specifications without adequate safeguards.
      • Ingestion points: User-supplied descriptions processed in the 'Create your Own Theme' section of SKILL.md.
      • Boundary markers: No delimiters are provided, nor any instruction to disregard instructions embedded in user input.
      • Capability inventory: The agent has the capability to modify and apply styles to external artifacts such as documents, slides, and web pages.
      • Sanitization: There is no explicit requirement for the agent to sanitize or validate the user's input before processing it into a new theme definition.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 2, 2026, 06:28 AM