latex-setup
Fail
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: HIGH
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes sudo for administrative package installation via apt and tlmgr on Linux and macOS.
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to download LaTeX templates from external venue websites which are dynamically determined at runtime based on user input.
- [PROMPT_INJECTION]: The skill parses user-provided .tex files to extract requirements and determine which packages to install. This creates an indirect prompt injection surface where a malicious LaTeX file could potentially influence the commands executed by the agent.
  - Ingestion points: Local .tex files read in SKILL.md during Step 2.
  - Boundary markers: None present.
  - Capability inventory: Shell command execution (pdflatex, bibtex, sudo apt, brew, tlmgr) across various steps in SKILL.md.
  - Sanitization: None present; the skill extracts package names directly from user-controlled files to be used in shell commands.
Recommendations
- AI detected serious security threats
Audit Metadata