publication-chart-skill
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes a bundled script 'scripts/ensure_publication_tooling.py' that executes shell commands via 'subprocess.run' to install required Python packages using pip or uv.
- [EXTERNAL_DOWNLOADS]: The skill is configured to automatically download and install the 'pubfig' and 'pubtab' libraries if they are missing. These are vendor-owned resources necessary for the skill's operation.
- [REMOTE_CODE_EXECUTION]: The helper script uses 'importlib.import_module' to dynamically probe the environment for the availability of specific modules. The package names are validated against a fixed whitelist.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it processes untrusted user data from sources such as Excel spreadsheets and LaTeX files.
  1. Ingestion points: user-provided spreadsheets and .tex files as described in 'SKILL.md'.
  2. Boundary markers: no delimiters or 'ignore' instructions are used for processed data.
  3. Capability inventory: subprocess execution and tool-based artifact generation.
  4. Sanitization: the instructions do not specify validation or filtering of external content.