uv-package-management-assistant
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (LOW): The skill defines a workflow for running scripts using 'uv run'. This is a core feature of the assistant but technically allows the agent to execute code within the host environment.
- EXTERNAL_DOWNLOADS (LOW): The assistant is designed to install Python packages via 'uv add'. While this downloads third-party code from PyPI, it is the primary stated purpose of the skill, warranting a lower severity level per the trust-scope rules.
- PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection (Category 8) as it handles untrusted data that could specify package names or script logic.
  - Ingestion points: Package names and script paths provided by users or found in external files.
  - Boundary markers: None are specified to separate instructions from untrusted data.
  - Capability inventory: Subprocess execution ('uv run') and external package installation ('uv add').
  - Sanitization: No input validation or sanitization logic is provided in the skill documentation.
Audit Metadata