resume-builder
Warn
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill performs dynamic command execution by invoking the `pdflatex` compiler on LaTeX files created at runtime. This behavior is documented in the workflow steps in `SKILL.md` and `QUICKSTART.md` (e.g., `pdflatex -interaction=nonstopmode resume.tex`).
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it processes untrusted user data and interpolates it into a LaTeX template that is subsequently executed by a compiler.
  - Ingestion points: User-provided personal, educational, and professional data collected via the agent.
  - Boundary markers: Absent; user input is embedded directly into the `.tex` source file without isolation or special delimiters.
  - Capability inventory: The skill has the capability to execute system commands via the LaTeX compilation process.
  - Sanitization: Although `QUICKSTART.md` includes instructions for escaping standard LaTeX special characters to prevent compilation failures, it lacks a robust security sanitization layer to prevent the injection of malicious LaTeX macros or system-level exploitation via the compiler.
Audit Metadata