py-modernize
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill mentions a shell script installation method for the uv tool from its official domain (astral.sh). This is a well-known service in the Python ecosystem, and the skill explicitly recommends using system package managers as a safer alternative.- [COMMAND_EXECUTION]: The skill directs the agent to use standard CLI tools (cat, rm, grep) and reputable Python utilities (uv, ruff, pyupgrade) for project maintenance. These operations are consistent with legitimate development workflows.- [PROMPT_INJECTION]: The skill involves reading project configuration and source files. While this creates an exposure surface for indirect prompt injection, the risk is minimal as the specialized tools used are not designed to execute natural language instructions found within code or config files.
Audit Metadata