dignified-python
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill directs the agent to automatically detect a project's Python version by reading local configuration files. This data ingestion creates a surface for indirect prompt injection, as the agent's behavior (specifically, which instruction files it loads) is influenced by the content of untrusted project files.
- Ingestion points: The agent is instructed to read
pyproject.toml,setup.py,setup.cfg, and.python-versionfiles from the user's current project directory. - Boundary markers: The instructions do not specify any delimiters or safety markers to prevent the agent from being influenced by potentially malicious instructions embedded in these configuration files.
- Capability inventory: The agent performs file-system read operations and conditionally loads additional Markdown instruction files based on the parsed version data.
- Sanitization: No explicit sanitization or validation of the configuration file content is mentioned prior to the agent processing it for version detection.
Audit Metadata