docs-latex
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill employs dynamic context injection to execute shell commands when the skill is loaded. These commands identify the current working directory, locate the LaTeX compiler, and list available Markdown files. Additionally, the skill executes the package manager and the LaTeX compiler during its operation.- [EXTERNAL_DOWNLOADS]: The skill downloads and installs various LaTeX-related packages and fonts using the system's package manager. These downloads are performed from well-known official software repositories to support the skill's primary function.- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting and processing untrusted Markdown files from the user's file system.
- Ingestion points: Markdown content is read from a user-specified file path for conversion to LaTeX.
- Boundary markers: The skill lacks explicit boundary markers or instructions to ignore potential commands embedded within the processed text.
- Capability inventory: The agent has access to powerful tools including file system modification (Write/Edit) and shell command execution (Bash).
- Sanitization: No sanitization or validation logic is present to filter out or escape malicious instructions hidden within the Markdown source.
Audit Metadata