theme-factory

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW (PROMPT_INJECTION, NO_CODE)
Full Analysis
  • [PROMPT_INJECTION] (LOW): The 'Create your Own Theme' feature in SKILL.md introduces an indirect prompt injection surface. Evidence:
      (1) Ingestion Point: User-provided inputs are used to generate new theme instructions in SKILL.md.
      (2) Boundary Markers: No explicit delimiters or 'ignore embedded instructions' warnings are defined for the input processing.
      (3) Capability Inventory: The agent is instructed to apply the generated styling to artifacts (write/modify capability).
      (4) Sanitization: No input filtering is present, although a mitigation is provided via the 'show it for review and verification' instruction.
  • [NO_CODE] (INFO): The skill consists solely of Markdown files. It contains no Python, Node.js, or shell scripts, eliminating direct risks related to remote code execution, unauthorized file system access, or network exfiltration from the skill's own code.
Audit Metadata
Risk Level: LOW
Analyzed: Feb 16, 2026, 02:49 AM