paper-poster
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill retrieves the TeX Live distribution installer from mirror.ctan.org, which is the authoritative and well-known repository for TeX-related software. Neutral documentation of this process is required as it targets a trusted academic source.
- [REMOTE_CODE_EXECUTION]: The environment setup involves installing necessary LaTeX packages and Python libraries (pdf2image, python-pptx, pymupdf) from established registries. It also executes the TeX Live installer script to configure the typesetting environment.
- [COMMAND_EXECUTION]: The skill uses shell commands for file system management, environment configuration, and LaTeX compilation. It specifically executes a helper script with user-supplied arguments to process style references, which is a standard part of its design-reference feature.
- [PROMPT_INJECTION]: The skill processes user-provided LaTeX source files and external references to generate poster content, creating a surface for indirect prompt injection.
- Ingestion points: Local paper source files (.tex) and external reference sources (URLs, arXiv IDs).
- Boundary markers: None explicitly defined in the generation workflow.
- Capability inventory: File system access, shell command execution, and interaction with external LLMs via the Codex MCP.
- Sanitization: No explicit sanitization of extracted paper content is described before it is passed to the generation and review models.
Audit Metadata