NYC

venue-templates

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • COMMAND_EXECUTION (LOW): The script validate_format.py invokes external binaries pdfinfo and pdffonts via subprocess.run. Evidence: subprocess.run(['pdfinfo', str(pdf_path)], ...) and subprocess.run(['pdffonts', str(pdf_path)], ...) in scripts/validate_format.py. While implemented safely using argument lists to prevent shell injection, it relies on the presence and security of host-installed tools.
  • PROMPT_INJECTION (LOW): The script customize_template.py performs unsanitized interpolation of user input into LaTeX templates, representing an indirect prompt injection surface. Evidence Chain:
      ◦ Ingestion points: Command-line arguments (--title, --authors, etc.) and interactive input() prompts in scripts/customize_template.py.
      ◦ Boundary markers: Absent; placeholders are substituted directly into the LaTeX source code.
      ◦ Capability inventory: File-write operations to create new .tex files; subsequent use involves LaTeX compilation, which may have shell-escape capabilities.
      ◦ Sanitization: Absent; no escaping of LaTeX-sensitive control sequences (e.g., \write18) is performed on user input.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 05:57 PM