The Agent Skills Directory

PROMPT_INJECTION (LOW): Indirect Prompt Injection surface detected in scripts/review_poster.sh. \n
Ingestion points: The script accepts a PDF file as a command-line argument and processes its content. \n
Boundary markers: Absent. The script outputs metadata and font names directly to the console without delimiters or warnings for the agent to ignore embedded instructions. \n
Capability inventory: The script invokes pdfinfo, pdffonts, and pdfimages which parse internal PDF data. \n
Sanitization: Absent. Raw metadata (like Title or Font names) extracted from the PDF is printed to stdout, which could contain malicious instructions designed to manipulate the LLM's behavior. \n- COMMAND_EXECUTION (SAFE): The script executes several system utilities including pdfinfo, pdffonts, pdfimages, ls, awk, and grep. All instances of the user-supplied filename variable ($POSTER_FILE) are properly double-quoted to prevent shell word-splitting and globbing attacks.

latex-posters