latex-thesis-zh
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The script
scripts/compile.pyuses thesubprocessmodule to execute LaTeX engines such asxelatex,lualatex, andpdflatex, as well aslatexmkand bibliography processors. This is a core requirement for document generation. The script correctly warns the user about the security implications of the optional--shell-escapeflag.\n- [EXTERNAL_DOWNLOADS]: Thescripts/online_bib_verify.pyscript performs HTTP requests to the CrossRef and Semantic Scholar APIs usingurllib.request. These requests are used to verify bibliography metadata against trusted academic databases and are consistent with the skill's stated purpose.\n- [COMMAND_EXECUTION]: Thescripts/check_format.pyscript executes thechktexutility viasubprocess.runto provide syntax checking for LaTeX files. This is a standard and expected behavior for a LaTeX assistant.\n- [PROMPT_INJECTION]: The skill analyzes user-provided LaTeX and Typst files, which introduces a surface for indirect prompt injection. \n - Ingestion points: Document source code is read by scripts like
deai_check.pyandscripts/parsers.py. \n - Boundary markers: The
SKILL.mdprovides strict instructions to the agent to output suggestions in a specific LaTeX diff-comment format, which serves to distinguish agent output from user data. \n - Capability inventory: The skill can execute local compilers and access academic APIs. \n
- Sanitization: No active sanitization is performed on the input text before processing, but the restricted output format effectively limits the impact of potential instructions hidden in the processed documents.
Audit Metadata