theme-factory
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOWPROMPT_INJECTION
Full Analysis
- Prompt Injection (LOW): The skill's ability to generate custom themes based on user-provided descriptions introduces an indirect prompt injection surface (Category 8). \n
- Ingestion points: User-provided basic descriptions in the 'Create your Own Theme' section (SKILL.md). \n
- Boundary markers: No delimiters or isolation instructions are specified to separate user data from the agent's instructions. \n
- Capability inventory: The skill modifies external artifacts including slides, documents, and HTML landing pages (SKILL.md). \n
- Sanitization: There is no explicit requirement for sanitizing or validating the user-provided input before applying the resulting theme properties to artifacts.
Audit Metadata