python-workflow-delivery
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No patterns detected that attempt to bypass AI safety constraints or hijack the agent's core instructions.
- [Data Exposure & Exfiltration] (SAFE): The skill does not attempt to access sensitive file paths (e.g., ~/.ssh) or perform unauthorized network requests.
- [Unverifiable Dependencies] (SAFE): The workflow relies on well-known tools like 'uv', 'ruff', and 'pytest'. It references a local script for security audits, which is a defensive best practice.
- [Metadata Poisoning] (LOW): The 'Invocation Notice' section contains a reference to 'python-design-modularity', which contradicts the skill's defined name 'python-workflow-delivery'. This appears to be a documentation error rather than a deceptive tactic.
- [Indirect Prompt Injection] (LOW):
- Ingestion points: The skill instructions involve the agent reading and processing local Python source code and configuration files (pyproject.toml).
- Boundary markers: Absent. There are no explicit instructions to treat code content as untrusted data.
- Capability inventory: The skill uses subprocess execution via 'uv run' to execute linters and test suites.
- Sanitization: None detected; the agent relies on the safety of the tools (ruff, pytest) being executed.
Audit Metadata