docs-latex
Warn
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [PRIVILEGE_ESCALATION]: The skill directs the agent to execute system-level installation commands using
apt-get, which requires administrative privileges to modify system directories and global configurations.\n- [DYNAMIC_EXECUTION]: The skill generates LaTeX source code from Markdown documents at runtime and immediately executes thepdflatexcompiler to transform that code into a PDF document.\n- [INDIRECT_PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes user-supplied Markdown files, interpolating their content into executable LaTeX templates.\n - Ingestion points: The source Markdown file specified by the
<file>argument inSKILL.md.\n - Boundary markers: There are no specific delimiters or instructions defined to isolate user-provided content from the structural LaTeX code.\n
- Capability inventory: The skill utilizes the
Bashtool to executepdflatexandapt-getcommands.\n - Sanitization: The
REFERENCE.mdfile provides a table for escaping specific LaTeX special characters (e.g.,&,$,#,%) to prevent compilation errors.\n- [UNVERIFIABLE_DEPENDENCIES_AND_REMOTE_CODE_EXECUTION]: The skill downloads and installs system packages (texlive-latex-extra,texlive-fonts-extra, etc.) from official repositories. These are well-known resources for the skill's stated purpose.
Audit Metadata