python-style
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [Prompt Injection] (SAFE): The skill contains only instructional content related to Python coding standards and does not attempt to override system prompts or bypass safety filters.
- [Data Exposure & Exfiltration] (SAFE): There are no hardcoded credentials, sensitive file paths (like SSH keys), or network-related commands found in the instructions.
- [Obfuscation] (SAFE): The markdown file is clear and human-readable with no hidden characters, Base64 encoding, or homoglyphs.
- [Command Execution] (SAFE): The skill instructs the agent to run standard, local development tools (e.g., black, ruff, mypy, pytest). This is the primary purpose of the skill and does not involve arbitrary or malicious command injection.
- [Indirect Prompt Injection] (SAFE): While the skill ingests local Python files and configuration data (e.g., pyproject.toml) which could theoretically contain malicious instructions, the skill's logic is narrowly focused on structural code improvements (formatting, typing, docstrings), minimizing the risk of adverse action from untrusted data.
- [No Code] (SAFE): This skill is composed entirely of a markdown configuration file with no accompanying executable scripts, reducing the direct attack surface.
Audit Metadata