detect-python-command
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (MEDIUM): The skill provides the
run-python.shscript to execute arbitrary Python files with user-specified arguments. Evidence:skills/detect-python-command/scripts/run-python.sh script.py [args...]. This creates a command execution capability that requires careful argument handling to prevent shell injection. - [PROMPT_INJECTION] (MEDIUM): The skill facilitates an Indirect Prompt Injection surface. Ingestion points: Script paths and arguments provided to
run-python.sh. Boundary markers: None present in the documentation. Capability inventory: Ability to run Python scripts across different environments (uv, venv, system). Sanitization: Not verifiable as the shell script source code is missing from the skill definition.
Audit Metadata