venue-templates
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE (findings: COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- COMMAND_EXECUTION (LOW): The script validate_format.py executes external system utilities (pdfinfo, pdffonts) via subprocess.run. While it correctly uses argument lists to prevent shell injection, it lacks validation for the input file path, which could lead to argument injection if the filename starts with a dash.
- PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection as it processes external templates and PDF files. Evidence chain:
  1. Ingestion points: customize_template.py (reads templates) and validate_format.py (reads PDFs).
  2. Boundary markers: Absent.
  3. Capability inventory: File writing and subprocess execution.
  4. Sanitization: Absent.
- DATA_EXPOSURE (LOW): Potential path traversal in customize_template.py and validate_format.py. These scripts accept output filenames and report paths without sanitization, allowing for the possibility of overwriting local files if malicious paths are provided.
Audit Metadata