paper-slides

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted LaTeX files from a user-provided directory to generate slide content and talk scripts.
      • Ingestion points: Reads files from the paper/sections/ directory during the extraction and drafting phases (Phase 1 and 2).
      • Boundary markers: No explicit delimiters or instructions are used to prevent the LLM from following commands embedded within the paper text.
      • Capability inventory: The skill has the ability to execute bash commands, write files to the local system, and interface with external LLM models via the Codex MCP tool.
      • Sanitization: There is no evidence of sanitization or filtering of the input LaTeX content before it is processed by the LLM.
  • [COMMAND_EXECUTION]: The skill uses the system's shell to execute several tasks, including LaTeX compilation using latexmk or pdflatex and the generation and execution of a dynamic Python script (generate_pptx.py) for PowerPoint creation.
  • [EXTERNAL_DOWNLOADS]: The workflow includes a check to install the python-pptx library from the Python Package Index (PyPI) if it is not already present on the system.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 18, 2026, 09:42 PM