paper-poster
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches the TeX Live distribution and installer from official CTAN (Comprehensive TeX Archive Network) mirrors to establish the required LaTeX environment.
- [COMMAND_EXECUTION]: Employs extensive shell commands for environment setup, package management (tlmgr, pip), document compilation (latexmk, pdflatex), and file system operations.
- [REMOTE_CODE_EXECUTION]: Implements a pattern to download and execute the TeX Live installation script directly from a well-known academic repository (ctan.org).
- [PROMPT_INJECTION]: The skill processes untrusted input data from paper files, creating a surface for indirect prompt injection.
- Ingestion points: Reads paper content and sections from the
paper/directory (SKILL.md). - Boundary markers: No delimiters or instructions to ignore embedded commands are present when processing external TeX files.
- Capability inventory: The skill has access to Bash execution, file writing, and remote model invocation across multiple phases.
- Sanitization: No sanitization or input validation is performed on the content extracted from the paper before it is processed by the agent or model.
Audit Metadata