paper-compilation
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE [COMMAND_EXECUTION] [PROMPT_INJECTION]
Full Analysis
- [COMMAND_EXECUTION]: The script 'scripts/compile_paper.py' uses the subprocess module to execute local system binaries for LaTeX compilation and style checking. Evidence: The run_command function calls subprocess.run with command lists including 'pdflatex', 'bibtex', and 'chktex'.
- [COMMAND_EXECUTION]: The SKILL.md file contains troubleshooting documentation that suggests the execution of privileged commands for environment configuration. Evidence: Instructions recommend running 'sudo apt install texlive-full' on Ubuntu systems.
- [PROMPT_INJECTION]: The skill processes external LaTeX files and logs, which presents an indirect prompt injection surface. Evidence:
  1. Ingestion points: 'scripts/compile_paper.py' and 'scripts/fix_latex_errors.py' read content from user-provided .tex and .log files.
  2. Boundary markers: No explicit markers or 'ignore' instructions are used when reading and processing these files.
  3. Capability inventory: The skill can execute subprocesses and perform file system write operations.
  4. Sanitization: Content is processed using regex for formatting fixes, but there is no validation to prevent malicious LaTeX directives such as shell escape or unauthorized file inclusion.
Audit Metadata