theme-factory
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE PROMPT_INJECTION NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill provides an interface for generating custom themes, which creates a surface for indirect prompt injection.
- Ingestion points: User-provided descriptions used to generate on-the-fly themes in the 'Create your Own Theme' section of SKILL.md.
- Boundary markers: Absent; there are no delimiters or instructions provided to the agent to treat user styling requests as untrusted data or to ignore embedded instructions.
- Capability inventory: The skill instructions permit the agent to read local theme files and generate new text-based artifacts based on user input.
- Sanitization: Absent; the skill lacks any validation or filtering logic for the user-provided descriptions before processing.
- [NO_CODE]: The skill consists entirely of Markdown and text documentation. No scripts (Python, Node.js, Shell) or binaries are included. The skill references local absolute paths (/Users/sargupta/...) for its configuration, which discloses the author's local directory structure but does not involve command execution.
Audit Metadata