academic-latex
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill executes local binaries including
pdflatex,xelatex, andlualatex. These engines are Turing-complete and can interact with the file system or execute scripts (in the case oflualatex). - [PROMPT_INJECTION] (LOW): Vulnerable to Indirect Prompt Injection (Category 8) as it processes untrusted user-supplied document content. * Ingestion points: User-provided LaTeX content via the
/compileendpoint or.texfiles. * Boundary markers: Absent; there are no instructions to ignore embedded agent commands within the LaTeX source. * Capability inventory: Subprocess execution of LaTeX engines, file system writes to/workspace/output/, and local network requests viacurl. * Sanitization: Absent; the skill relies on the default configuration of the TeX Live installation. - [EXTERNAL_DOWNLOADS] (SAFE): Network usage is limited to
localhost:8080, which is a whitelisted destination.
Audit Metadata