Skills
skills/cometchat/cometchat-skills/cometchat-theming/Gen Agent Trust Hub

cometchat-theming

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches and executes the @cometchat/skills-cli package from the official npm registry using npx at runtime.
  • [COMMAND_EXECUTION]: Shell commands are executed via executeBash to run CLI tools for theme application, state verification, and diagnostic checks.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by reading untrusted data from local configuration files and using it to construct shell commands.
  • Ingestion points: Reads tailwind.config.js, tailwind.config.ts, and root CSS files (e.g., index.css).
  • Boundary markers: None identified; tokens are extracted directly from the files.
  • Capability inventory: Full shell access via executeBash for CLI commands.
  • Sanitization: No explicit validation or sanitization is performed on extracted design tokens (colors, font families) before they are passed as arguments to the npx command.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 28, 2026, 02:50 AM