python-best-practices-async-context-manager
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill includes Python scripts (
convert_sync_to_async_cm.py,generate_async_context_manager.py,validate_context_managers.py) that perform file operations and code analysis. These scripts use the built-inast(Abstract Syntax Tree) module to parse and transform code safely without executing it. - [DATA_EXFILTRATION]: No network operations, hardcoded credentials, or access to sensitive system paths (e.g., SSH keys, AWS credentials) were found. The skill only requests access to standard file manipulation tools (
Read,Grep,Glob,Write,Edit) necessary for its purpose. - [REMOTE_CODE_EXECUTION]: There are no patterns involving the download or execution of remote scripts. All dependencies referenced are either from the Python standard library (
contextlib,ast,argparse,pathlib) or well-known development libraries (pytest,neo4j,aiofiles) used in instructional examples. - [PROMPT_INJECTION]: The instructions in
SKILL.mdare focused on technical implementation and do not contain any instructions that attempt to bypass AI safety filters or override system prompts. - [DYNAMIC_EXECUTION]: While
generate_async_context_manager.pyassembles code strings using user-provided input for templates, it does not useeval()orexec(). It validates the resulting code string usingast.parse()for syntax correctness before writing it to a file, which is a secure practice for code generation tools.
Audit Metadata