latex-posters
Pass
Audited by Gen Agent Trust Hub on May 29, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The
scripts/generate_schematic.pyscript executes a local helper script usingsubprocess.run. It correctly passes arguments as a list, mitigating the risk of command injection from user-provided prompts. - [EXTERNAL_DOWNLOADS]: The skill interfaces with the OpenRouter API to provide its core AI generation features. This network activity is transparently documented and aligns with the skill's primary purpose. The use of the
requestslibrary for this purpose is standard. - [CREDENTIALS_UNSAFE]: Security credentials (API keys) are managed through environment variables or local environment files. This avoids hardcoding secrets and follows standard secure development patterns.
Audit Metadata