Skills
skills/sumik5/sumik-claude-plugin/writing-latex/Gen Agent Trust Hub

writing-latex

Fail

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: HIGHCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The documentation file references/DOCUMENT-CLASSES.md includes an example bash script that uses the chmod 777 command. This is an insecure permission setting that grants all users full access to read, write, and execute the file, representing a privilege escalation risk.
  • [REMOTE_CODE_EXECUTION]: The files INSTRUCTIONS.md and references/REFERENCE.md recommend compiling LaTeX files with the -shell-escape flag. This configuration is highly dangerous as it enables the TeX engine to execute arbitrary external shell commands, which could be leveraged by a malicious document to compromise the host system.
  • [COMMAND_EXECUTION]: Multiple reference files, such as references/PLOTTING-COMPUTATION.md and references/SCIENCE-PACKAGES.md, describe the use of luacode and \directlua. These features allow for the execution of Lua scripts during the typesetting process, which can interact with the underlying operating system and perform unauthorized actions.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 6, 2026, 02:12 PM