theme-factory
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes user-provided descriptions to generate 'custom themes' and reads theme data from local markdown files. This creates an ingestion surface for indirect prompt injection where instructions could be embedded in data. However, the severity is LOW as the agent's write capabilities are limited to applying visual styling (colors and fonts) to artifacts.
- [Data Exposure & Exfiltration] (SAFE): No evidence of credential harvesting, sensitive file access, or unauthorized network transmission was found.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill does not define external dependencies or include patterns for downloading and executing remote scripts.
Audit Metadata