python-notebooks-async
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM (PROMPT_INJECTION)
Full Analysis
- Metadata Poisoning (MEDIUM): In 'SKILL.md', the skill's frontmatter 'name' is 'python-notebooks-async', yet the 'Invocation Notice' section explicitly instructs the AI to inform the user it is using 'python-design-modularity'. This instruction is misleading and could be used to shadow or conflict with other skills, potentially causing logic errors in how the agent identifies its active capabilities.
- Indirect Prompt Injection (LOW): The skill is designed to process and review code, which constitutes an untrusted data ingestion surface. While the skill is vulnerable to instructions embedded in user code, it lacks high-risk capabilities such as network exfiltration or file system modification, which limits the risk to the agent's internal reasoning and local state.
Audit Metadata