Skills
skills/salmanferozkhan/cloud-and-fast-api/theme-factory/Gen Agent Trust Hub

theme-factory

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHPROMPT_INJECTION
Full Analysis
  • [Indirect Prompt Injection] (HIGH): The skill's primary function is to process and modify external artifacts (slides, docs, HTML landing pages). This creates a significant attack surface where malicious instructions embedded in the processed files could be executed by the agent.
  • Ingestion points: Artifacts being styled (slides, docs, HTML) as mentioned in SKILL.md.
  • Boundary markers: Absent. There are no instructions to ignore embedded commands or use delimiters when parsing artifacts.
  • Capability inventory: File modification capability ("Apply the selected theme's colors and fonts to the deck/artifact").
  • Sanitization: Absent. No validation or filtering is specified for the content within the artifacts being modified.
  • [Prompt Injection] (MEDIUM): The 'Create your Own Theme' feature in SKILL.md allows the agent to generate new themes based on arbitrary 'provided inputs'. This is a direct vector for prompt injection where a user or data source could provide instructions disguised as a theme description to override agent behavior.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 12:48 PM