polyglot-integration
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill demonstrates the use of Node.js
spawnto execute Python scripts. While this is a standard IPC pattern for polyglot systems, it is noted as a vulnerability surface if scripts or arguments are derived from untrusted user input without sanitization. - [SAFE] (SAFE): The implementation examples for native C++ addons, Rust extensions (PyO3), and Java gateways (Py4J) follow standard development workflows for performance optimization. External references point to official and trusted documentation sources.
- [SAFE] (SAFE): No indicators of prompt injection, hardcoded credentials, data exfiltration, or persistence mechanisms were found in the skill content or metadata.
Audit Metadata