theme-factory
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTIONNO_CODE
Full Analysis
- PROMPT_INJECTION (HIGH): The 'Create your Own Theme' feature is vulnerable to indirect prompt injection. Ingestion point: User-provided theme descriptions in
SKILL.md. Boundary markers: Absent; there are no instructions to use delimiters or ignore embedded instructions in the user input. Capability inventory: The skill has the capability to modify document artifacts (slides, docs, HTML) as described inSKILL.md. Sanitization: Absent; the skill does not specify any validation or filtering for user-provided descriptions. An attacker could use this surface to inject instructions that the agent follows while modifying documents.
Recommendations
- AI detected serious security threats
Audit Metadata