skills/flonat/claude-research/latex/Gen Agent Trust Hub

latex

Warn

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: MEDIUM | COMMAND_EXECUTION | REMOTE_CODE_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructions direct the agent to generate and execute .latexmkrc files containing Perl code to manage build artifacts and automate PDF movement. Evidence: SKILL.md and references/latex-configs.md contain code snippets with Perl system() calls to be written to local files and executed by latexmk.
  • [REMOTE_CODE_EXECUTION]: The process of creating and then running custom Perl scripts at runtime for build orchestration represents dynamic script generation and execution.
  • [PROMPT_INJECTION]: The skill handles untrusted LaTeX source files, creating an attack surface for indirect prompt injection.
      1. Ingestion points: Content is read from .tex files using the Read tool and parsed recursively by a Perl script.
      2. Boundary markers: No explicit delimiters or 'ignore' instructions are provided to separate data from instructions during processing.
      3. Capability inventory: The agent possesses capabilities for command execution via Bash, file modification (Write/Edit), and file reading.
      4. Sanitization: No sanitization or validation of the LaTeX source content is performed.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 4, 2026, 07:17 PM