latex-formatting
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- [Data Ingestion] (SAFE): The skill processes .tex files via clean_latex.py. The script uses standard regex for text substitution and does not use high-risk functions like eval or subprocess.run on input data.
- [Indirect Prompt Injection] (SAFE): The skill ingests untrusted data from .tex files, but the lack of network or system-level capabilities prevents significant impact. Mandatory Evidence Chain: (1) Ingestion point: clean_latex.py reads input files. (2) Boundary markers: Not implemented. (3) Capability inventory: Limited to local file read/write. (4) Sanitization: Performs extensive character escaping for LaTeX syntax and removes zero-width spaces.
- [External Downloads] (SAFE): No remote code execution or package installations were found. All scripts are referenced at local paths.
Audit Metadata