python-uv
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Overall Assessment] (SAFE): The skill is purely instructional, focusing on the usage of the 'uv' Python package manager. All examples follow standard developer workflows and reference trusted environments (e.g., GitHub Actions, official Docker registries).
- [Category 4: External Downloads] (INFO): The skill demonstrates how to install Python packages (
uv add,uv pip install) and Python versions (uv python install). These are core functions of the tool and do not involve untrusted third-party scripts or hidden remote code execution. - [Category 8: Indirect Prompt Injection] (INFO): While the skill shows how to handle user inputs for generating projects, it does not ingest external untrusted data into an execution context without user oversight.
Audit Metadata