python-pro
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill encourages and instructs the agent to use various CLI tools including
uv,ruff,pytest,docker, andkubectlfor project management, linting, and deployment. - [DYNAMIC_EXECUTION]: The skill identifies metaprogramming and dynamic code generation as core competencies. These are standard advanced Python features but can be exploited to execute arbitrary logic if the agent is directed to process untrusted input.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection (Category 8) because its primary purpose involves reviewing external codebases and processing data pipelines.
- Ingestion points: Python codebases, data files (via Pandas/NumPy), and API request schemas in
advanced-python-patterns.mdanddata-science-machine-learning.md. - Boundary markers: No specific boundary markers or 'ignore embedded instructions' warnings are present in the skill's instructions for handling external data.
- Capability inventory: The skill is capable of file system operations, subprocess execution (via modern tooling), and network requests (via FastAPI/asyncio).
- Sanitization: The skill emphasizes Pydantic for data validation but does not provide explicit instructions for sanitizing code comments or documentation that might contain malicious prompts.
- [EXTERNAL_DOWNLOADS]: The skill recommends using package managers like
uvandpipto install dependencies from well-known services such as PyPI.
Audit Metadata