Skills
skills/anntnzrb/agents/jupyter/Gen Agent Trust Hub

jupyter

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill allows for the execution of arbitrary Python code within Jupyter notebooks using the nbclient library. This is a core feature of the skill, enabling users to run and debug notebooks directly from the agent environment.
  • [DATA_EXFILTRATION]: No unauthorized data access or transmission was found. The skill reads and writes .ipynb files and can save image outputs to user-specified directories as part of its documented functionality.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it ingests content from notebook files (JSON format) and displays it to the agent without explicit boundary markers. However, this is inherent to the nature of a notebook management tool.
  • Ingestion points: scripts/nb.py and scripts/validate.py load notebook data using nbformat.read.
  • Boundary markers: None detected between notebook content and agent instructions.
  • Capability inventory: Includes shell execution capabilities via nbclient and file write access through nbformat and standard Python I/O.
  • Sanitization: Cell output tracebacks are sanitized by stripping ANSI escape sequences to ensure readability.
  • [SAFE]: All identified dependencies are standard, well-maintained packages from the Jupyter ecosystem. The scripts follow established security practices and do not request excessive privileges.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 28, 2026, 04:33 AM