python-dev
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documents the installation of the `uv` package manager using a piped shell script from the well-known source https://astral.sh/uv/install.sh.
- [COMMAND_EXECUTION]: Instructions in `references/file-processing.md` include using `sudo apt-get install` for system dependencies such as `tesseract-ocr`, `poppler-utils`, `pandoc`, and `libreoffice`.
- [REMOTE_CODE_EXECUTION]: The documentation mentions using `npx` to execute the `@modelcontextprotocol/inspector` tool for testing MCP servers.
- [PROMPT_INJECTION]: The patterns provided for reading and extracting text from PDF, Word, and Excel files in `references/file-processing.md` present an indirect prompt injection surface when the output is processed by an LLM.
- Ingestion points: File processing utilities in `references/file-processing.md` that read external `.pdf`, `.docx`, and `.xlsx` files.
- Boundary markers: No explicit instruction delimiters or boundary markers are used in the provided text extraction snippets.
- Capability inventory: The skill includes patterns for database operations (`references/database-orm.md`), file system modifications, and network requests (`references/mcp-servers.md`).
- Sanitization: While the skill includes a `safe_path` utility in `references/mcp-servers.md` to prevent directory traversal, it does not provide general sanitization patterns for LLM-directed text processing.
Audit Metadata