theme-factory
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or security vulnerabilities were detected. The skill operates as a collection of static markdown files defining color palettes and font pairings.
- [NO_CODE]: The skill does not contain any executable scripts (Python, JavaScript, Shell) or binaries. It relies on the AI agent's internal capabilities to process the provided themes and apply them to artifacts.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection via the 'Create your Own Theme' feature. 1. Ingestion points: User-provided text for custom themes (SKILL.md). 2. Boundary markers: Absent. 3. Capability inventory: Modification of artifact styling. 4. Sanitization: Absent. This is considered safe as it is a core functional feature with no demonstrated path to escalation.
Audit Metadata