Security risk report for @forgecat/anthropics_skills_theme-factory v0.0.4
Source Integrity
Low
Profile is attributed to Anthropic with a public GitHub repository (anthropics/skills) and specific commit hash (5128e18), enabling verification.
No suspicious external dependencies or supply-chain risks detected; declared dependencies are empty.
Agent Intent
Low
Content describes a legitimate theming utility with clear, bounded functionality: displaying theme showcases, accepting user selection, and applying styling to artifacts.
No instructions to manipulate the AI, read credentials, exfiltrate data, hide instructions, install remote payloads, or leak system prompts.
Guidance is constructive (use standard fonts like DejaVu Sans, FreeSans, FreeSerif; apply color palettes) and does not poison the agent with malicious knowledge or security-weakening defaults.
Details
Evidence
Usage instructions are straightforward: 'Show the theme showcase', 'Ask for their choice', 'Apply the theme'.
Theme definitions are purely declarative (color hex codes, font names, use-case descriptions).
Custom theme creation is scoped: 'Based on provided inputs, generate a new theme similar to the ones above'—no instruction to bypass controls or fetch external payloads.
Permissions
Low
No tools or hooks are declared in the profile; the skill is purely instructional guidance for styling artifacts.
Authority is minimal and aligned with stated purpose: read theme files from a local `themes/` directory and apply styling to user-created artifacts.
No file_write, file_delete, shell, web_fetch, or other high/medium-risk categories are invoked.
Details
Evidence
Declared tools section is empty.
Only operations described are reading theme definitions and applying colors/fonts to existing artifacts—no filesystem mutation or external access.
MCP Risk
Low
No MCP servers are defined in the profile.
No hidden instructions in tool descriptions, arbitrary binary execution, or unrestricted network/filesystem access.