python-coder
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill serves as a style guide for Python development and does not contain any malicious instructions or executable scripts. It promotes best practices such as PEP 8 compliance and type hinting.
- [DATA_EXFILTRATION]: The skill includes code snippets demonstrating the use of 'requests' and 'aiohttp' for fetching data from external URLs. These are documented as standard implementation examples and include security best practices like timeouts and proper error handling. No hardcoded credentials or access to sensitive local files were found.
- [PROMPT_INJECTION]: The skill defines patterns for ingesting data from external sources, which is a potential surface for indirect prompt injection. Ingestion points: 'fetch_data' and 'fetch_all' functions in SKILL.md. Boundary markers: Absent in the snippets. Capability inventory: Network requests using the 'requests' and 'aiohttp' libraries. Sanitization: The provided examples include basic HTTP error handling but do not implement specific content filtering.
Audit Metadata