theme-factory
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill package contains no executable scripts, binaries, or source code in languages like Python or JavaScript. It is composed solely of Markdown documentation and configuration files.\n- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection (Category 8) by design.\n
- Ingestion points: According to SKILL.md, the agent is intended to process and style user-provided artifacts such as slide decks, documents, and HTML pages.\n
- Boundary markers: There are no instructions defining delimiters or clear separation between the theme instructions and the content of the user-provided artifacts.\n
- Capability inventory: The agent is authorized to read theme files and modify the structure or content of user-provided artifacts to apply styling.\n
- Sanitization: The skill lacks instructions for sanitizing or validating the content of the artifacts it processes.
Audit Metadata