Skills
skills/pedrohcgs/claude-code-my-workflow/compile-latex/Gen Agent Trust Hub

compile-latex

Fail

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the $ARGUMENTS variable directly within shell commands executed via the Bash tool. Specifically, instructions such as xelatex -interaction=nonstopmode $ARGUMENTS.tex and open Slides/$ARGUMENTS.pdf do not sanitize the input. A malicious user could provide an argument containing shell metacharacters (e.g., ;, &&, |) to execute arbitrary commands on the host system.
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface through the ingestion of untrusted data.
  • Ingestion points: The $ARGUMENTS parameter in SKILL.md is passed to shell commands.
  • Boundary markers: There are no markers or delimiters used to isolate the variable from the surrounding bash script.
  • Capability inventory: The skill uses the Bash tool, which has broad system access.
  • Sanitization: There is no evidence of validation or sanitization of the input variable before it is used in a shell context.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 28, 2026, 08:52 AM