notebook-debugger

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) because it is designed to analyze and run content from untrusted external Jupyter notebook files (.ipynb).
      • Ingestion points: The skill ingests data from notebook cells (code and markdown) to diagnose and fix errors, as described in SKILL.md.
      • Boundary markers: Absent. There are no explicit delimiters or instructions provided to the agent to distinguish between its own logic and instructions that might be embedded in the notebook data.
      • Capability inventory: The agent has the ability to execute code in cells, run system commands via subprocess.run, and perform package management with pip and micromamba.
      • Sanitization: Absent. No input validation or sanitization of the notebook content is performed before processing or execution.
  • [COMMAND_EXECUTION]: The skill uses command-line tools for environment diagnostics and configuration.
      • Evidence: Instructions in SKILL.md and references/environment-management.md utilize pip show, pip freeze, and micromamba env export to inspect system state.
  • [EXTERNAL_DOWNLOADS]: The skill facilitates downloading and installing Python packages from external registries to resolve environment issues.
      • Evidence: Documentation includes examples of pip install, micromamba install, and pip install -r requirements.txt to fetch dependencies as part of the troubleshooting workflow.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 06:47 PM