python-style-guide

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local orchestration scripts and industry-standard quality gate tools.
      • Evidence: Executes python3 scripts/resolve_style_guides.py and python3 scripts/validate_trigger_matrix_sync.py for internal logic.
      • Evidence: Executes uv run ruff, uv run mypy, and uv run pytest for code quality enforcement. These tools are well-known in the Python ecosystem and used for their intended primary purpose.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to its core function of processing and reviewing external code artifacts.
      • Ingestion points: Analyzes .py, pyproject.toml, and other language-specific source files (e.g., .sh, .js, .go, .rs) identified in the trigger-matrix.md.
      • Boundary markers: No explicit delimiters or instructions to ignore embedded commands within the ingested data are specified.
      • Capability inventory: The skill has the capability to execute shell commands (linting/testing) and generate refactor plans based on the input code.
      • Sanitization: There is no evidence of sanitization or escaping of untrusted code content before it is processed by the agent or passed to the quality gate tools.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 28, 2026, 08:38 PM