migrating-latex-templates
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill executes LaTeX compilers (xelatex, bibtex) via subprocesses in scripts/core/compiler.py. This is part of its core validation functionality. Safety is ensured by a whitelist in scripts/validate_config.py and path restrictions in scripts/core/security_manager.py.
- [PROMPT_INJECTION] (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) as it processes user-provided LaTeX content for optimization and word count adaptation.
  - Ingestion points: User LaTeX files are read in scripts/core/project_analyzer.py, scripts/core/content_optimizer.py, and scripts/core/word_count_adapter.py.
  - Boundary markers: Absent; the prompts in scripts/core/prompt_templates.py use simple text labels like '原文:' without robust delimiters or instructions to ignore embedded commands.
  - Capability inventory: The skill can execute LaTeX-specific subprocesses and write to specific project subdirectories.
  - Sanitization: scripts/core/security_manager.py enforces a write whitelist for extraTex/*.tex and references/*.bib. scripts/core/latex_utils.py strips comments and commands for summaries.
Audit Metadata