Skills
skills/sundial-org/awesome-openclaw-skills/theme-gen/Gen Agent Trust Hub

theme-gen

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted color strings and interpolates them into a system prompt in src/index.ts without sanitization or protective delimiters. Ingestion points: User-provided colors array passed to generateTheme. Boundary markers: None (direct template interpolation). Capability inventory: File system write capability in src/cli.ts. Sanitization: None. This creates a surface where malicious instructions could be passed as inputs to manipulate the LLM's output.
  • [COMMAND_EXECUTION]: The CLI tool includes a file output capability (-o, --output) in src/cli.ts that uses fs.writeFileSync to save generated content. While intended for design tokens, the use of path.resolve on user-supplied paths allows the tool to write or overwrite files anywhere on the accessible file system, representing a risk in unconstrained agent environments.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 17, 2026, 07:05 AM