Security Audit
snyk/agent-scan:tests/skills/theme-factory
github.com/snyk/agent-scan
Trust Assessment
snyk/agent-scan:tests/skills/theme-factory received a trust score of 83/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. Key findings include Potential Path Traversal via Theme File Selection and Potential Arbitrary File Write via Custom Theme Creation.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on March 1, 2026 (commit 30a672c5). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings (2)
| Severity | Finding | Description | Remediation | Layer | Location |
|---|---|---|---|---|---|
| HIGH | Potential Path Traversal via Theme File Selection | The skill instructs the LLM to 'Read the corresponding theme file from the `themes/` directory' based on user selection. If the user-provided theme name is not properly sanitized or validated by the LLM, a malicious user could inject path traversal sequences (e.g., `../../../../etc/passwd`) to read arbitrary files outside the intended `themes/` directory. This could lead to sensitive data disclosure. | Implement strict input validation and sanitization for theme names to prevent path traversal sequences. Ensure that file paths constructed from user input are canonicalized and checked against an allowed directory. Only allow theme names that are simple alphanumeric strings, or map user choices to a predefined list of safe filenames. | LLM | SKILL.md:45 |
| MEDIUM | Potential Arbitrary File Write via Custom Theme Creation | The skill allows for the creation of custom themes: 'Based on provided inputs, generate a new theme similar to the ones above. Give the theme a similar name describing what the font/color combinations represent.' If the LLM generates a new theme file and the user can influence the filename or path of this new file through their input, it could lead to an arbitrary file write vulnerability. A malicious user could potentially write files to sensitive locations on the system. | When generating new theme files, ensure that the filename and path are strictly controlled by the LLM and do not incorporate unsanitized user input. Generate unique, non-guessable filenames (e.g., UUIDs) and store them in a dedicated, sandboxed directory. Do not allow user input to dictate the file path. | LLM | SKILL.md:56 |
Scan History
Full report: https://skillshield.io/report/e710d4021faedf71