compile-latex

Fail

Audited by Gen Agent Trust Hub on Apr 18, 2026

Risk Level: HIGH (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill directly interpolates the $ARGUMENTS variable into bash commands (e.g., xelatex $ARGUMENTS.tex, bibtex $ARGUMENTS). This allows for arbitrary shell command injection if the argument contains characters like ;, &, or |.
  • [COMMAND_EXECUTION]: The use of xelatex for compilation involves a risk from LaTeX macros such as \write18, which can execute arbitrary system commands. Compiling untrusted documents could lead to host compromise.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection via the LaTeX files it processes.
      • Ingestion points: Content of .tex files targeted by the $ARGUMENTS parameter.
      • Boundary markers: None. There are no delimiters or instructions to ignore embedded commands in the source files.
      • Capability inventory: The Bash tool is used to execute compilation commands and open resulting PDFs.
      • Sanitization: No validation, escaping, or restricted environments are used to mitigate the risks of processing untrusted LaTeX code.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Apr 18, 2026, 06:02 PM