python-clean-code
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
PROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill is designed to process untrusted external Python code for the purpose of refactoring and code review. This creates a high-severity vulnerability surface.
  - Ingestion points: Python source code files provided for review or editing.
  - Boundary markers: Absent; the skill defines no delimiters or instructions to treat embedded comments/strings as data rather than instructions.
  - Capability inventory: The skill is used for writing, fixing, and refactoring code, which are high-privilege operations that could be exploited if malicious instructions are encountered in user-provided code.
  - Sanitization: Absent; no input validation or filtering logic is provided to clean external code before processing.
- [Category 4: Unverifiable Dependencies] (INFO): The rules E1 and E2 mention standard commands like pip install and pytest. These are defined as architectural standards for the code being audited, rather than commands for the agent to execute on the host system.
Recommendations
- AI detected serious security threats
Audit Metadata