theme-factory
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOWNO_CODE
Full Analysis
- PROMPT_INJECTION (LOW): The skill possesses an indirect prompt injection surface because it processes external artifacts (slides, docs, HTML). However, the risk is negligible as the agent's capability is restricted to applying visual styles (colors/fonts) to these documents.
- Ingestion points: Processes existing artifacts such as slides, documents, and reports provided by the user.
- Boundary markers: None explicitly defined in the styling instructions.
- Capability inventory: Limited to file modification for the purpose of visual styling (applying hex codes and font names).
- Sanitization: None present; the skill assumes the agent's underlying tools handle file parsing safely.
- NO_CODE (INFO): The skill consists entirely of Markdown configuration files and does not include scripts, binaries, or automated installation procedures.
Audit Metadata