Trust Assessment
theme-factory received a trust score of 81/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. The key findings are Excessive File System Write Permissions Implied (high) and File System Read Permissions Implied (medium).
The analysis covered 4 layers: dependency_graph, manifest_analysis, static_code_analysis, llm_behavioral_safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 15, 2026 (commit 3e75fabd). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)

| Severity | Finding | Description | Recommendation | Layer | Location |
|---|---|---|---|---|---|
| HIGH | Excessive File System Write Permissions Implied | The skill description explicitly states that the LLM will 'Apply the selected theme's colors and fonts to the deck/artifact' and 'generate a new theme', which implies creating new theme files. This grants the LLM significant write and modification access to user-provided artifacts (e.g., slide decks) and potentially the skill's own theme directory. If the underlying tools or LLM capabilities are not properly sandboxed, this broad write access could be exploited by a malicious user prompt to corrupt data, introduce unwanted changes, or create arbitrary files on the system. | Ensure that the tools used to 'apply the theme' and 'generate a new theme' operate within a strictly sandboxed environment with minimal necessary write permissions. Limit file write access to only specific, designated directories or file types. Implement robust input validation and user confirmation steps before any file modification or creation operations are performed. | Unknown | SKILL.md:28 |
| MEDIUM | File System Read Permissions Implied | The skill description requires the LLM to 'Show the `theme-showcase.pdf` file' and 'Read the corresponding theme file from the `themes/` directory'. This implies read access to specific files and a directory on the file system. While necessary for the skill's function, if the LLM's file access is not strictly confined to these specified paths, it could potentially be leveraged by a malicious prompt to read other sensitive files on the system, leading to data exfiltration. | Ensure that the LLM's file read capabilities are strictly confined to the `theme-showcase.pdf` file and the `themes/` directory. Implement a robust file access control mechanism that prevents reading from arbitrary paths or outside the intended scope. | Unknown | SKILL.md:25 |