overleaf-sync
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFE, COMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill implements robust credential management by utilizing the macOS Keychain for token storage, ensuring that sensitive authentication data is never visible to the agent or stored in the chat history.
- [SAFE]: It employs technical safeguards, including a Git pre-commit hook that automatically scans for and blocks the commit of Overleaf authentication tokens.
- [COMMAND_EXECUTION]: The use of Bash commands is limited to standard Git and rsync operations necessary for synchronization, with explicit safety flags to prevent accidental data overwrites or merge conflicts.
- [SAFE]: The synchronization process includes a structured diff protocol that requires analysis of external changes before integration, mitigating risks associated with pulling data from collaborative environments.
- [SAFE]: All setup and auditing scripts are executed locally from the repository, avoiding the risks associated with downloading and running code from external remote sources.