mathmodel-figure-templates
Warn
Audited by Gen Agent Trust Hub on Jul 3, 2026
Risk Level: MEDIUMCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The renderer script
scripts/render_template.pyexecutes Python code in a subprocess. Evidence:result = subprocess.run([sys.executable, str(dst)], cwd=str(project), check=False). - [COMMAND_EXECUTION]: The execution logic is vulnerable to workspace script hijacking. The skill favors existing files in the destination path over its own bundled templates:
if dst.exists() and not args.overwrite: print(f"Using existing workspace script: {dst}"). This allows for a scenario where an agent executes an untrusted script if one is already present in the workspace at the expected path.
Audit Metadata