theme-factory
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTIONNO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill identifies a potential surface for indirect prompt injection because it instructs the agent to read and modify external artifacts like slide decks and documents. Malicious instructions hidden in these files could attempt to override agent behavior during the styling process. * Ingestion points: Artifacts being styled and user input for custom themes. * Boundary markers: None defined. * Capability inventory: Reading artifact content and applying visual styles. * Sanitization: No sanitization of artifact content is mentioned.
- [No Code] (SAFE): No executable code files (Python, JavaScript, or shell scripts) were found in the skill package, which significantly limits the attack surface for remote code execution, persistence, or local data exfiltration.
Audit Metadata