manage-python-env

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: CRITICAL
Findings: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [REMOTE_CODE_EXECUTION] (CRITICAL): In SKILL.md, the command curl -LsSf https://astral.sh/uv/install.sh | sh is a confirmed remote code execution pattern. This method executes an unverified script from an external domain directly in the shell. The domain astral.sh is not present in the list of Trusted External Sources.
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The skill suggests commands for installing packages from arbitrary git repositories and external sources (e.g., uv add git+...), which involves downloading untrusted code.
  • [Indirect Prompt Injection] (LOW): The skill provides an ingestion surface for untrusted data via pyproject.toml and requirements.txt. (1) Ingestion points: pyproject.toml, requirements.txt in project setup. (2) Boundary markers: Absent. (3) Capability inventory: uv run and uv sync allow for code execution and environment modification. (4) Sanitization: Not applicable for documentation.
Recommendations
  • HIGH: Downloads and executes remote code from https://astral.sh/uv/install.sh. DO NOT USE without thorough review.
  • AI detected serious security threats
Audit Metadata
  • Risk Level: CRITICAL
  • Analyzed: Feb 17, 2026, 06:27 PM