Skills
skills/wu-yc/labclaw/venue-templates/Gen Agent Trust Hub

venue-templates

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute local helper scripts (e.g., query_template.py, customize_template.py, validate_format.py) and standard LaTeX compilation utilities like pdflatex and latexmk.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by interpolating user-provided text into shell command arguments and LaTeX templates. 1. Ingestion points: User-provided manuscript metadata (title, authors, affiliations) used as script arguments. 2. Boundary markers: None explicitly mentioned or implemented in the provided instructions. 3. Capability inventory: Bash, Write, Edit, and Read tools (file and command system access). 4. Sanitization: No evidence of input sanitization or validation in the skill instructions.
  • [EXTERNAL_DOWNLOADS]: The skill provides links to official author guidelines from trusted scientific publishers and government agencies (Nature, Science, PLOS, IEEE, NSF, NIH). It also references the author's own research platform (k-dense.ai).
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 15, 2026, 04:33 AM