theme-factory
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (PROMPT_INJECTION)
Full Analysis
- Indirect Prompt Injection (HIGH): The 'Create your Own Theme' feature allows for the ingestion of untrusted data which is used to modify files.
- Ingestion points: The skill accepts 'basic descriptions provided' by users to generate custom themes in the 'Create your Own Theme' section.
- Boundary markers: There are no instructions or delimiters defined to isolate user-provided theme descriptions from the agent's instructions.
- Capability inventory: The skill possesses the capability to 'apply' themes to artifacts, which includes modifying HTML landing pages, documents, and slide decks (file-write operations).
- Sanitization: There is no evidence of input validation or sanitization that would prevent users from embedding malicious instructions or script tags in theme descriptions; such content could be executed when the theme is applied to web-based artifacts (e.g., HTML landing pages).
Recommendations
- AI detected serious security threats
Audit Metadata