rich-terminal-output
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH
Full Analysis
- [EXTERNAL_DOWNLOADS] (INFO): References 'rich' and 'click' packages. 'rich' is a standard, highly-trusted library for terminal formatting.
- [DATA_EXFILTRATION] (SAFE): No network activity or access to sensitive files was detected.
- [COMMAND_EXECUTION] (SAFE): No arbitrary command execution or unsafe subprocess calls are present.
- [PROMPT_INJECTION] (SAFE): No instructions designed to bypass agent constraints or override system prompts.
- [INDIRECT_PROMPT_INJECTION] (SAFE): The skill handles the display of external data (like filenames or usernames) but correctly mitigates potential formatting injection by recommending the use of 'rich.markup.escape'.
- [FALSE POSITIVE] (INFO): The automated scan alert for 'logger.info' is a false positive; it is a standard Python logging method call, not a malicious URL.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata