wasm-compatibility
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and analyze untrusted content from user-provided notebook files. While this presents an inherent surface for indirect prompt injection, the skill's logic is constrained to identifying specific import statements and metadata patterns, and it does not execute the target code. The risk is considered part of the expected operational profile for an analysis tool.
- [EXTERNAL_DOWNLOADS]: The skill instructions involve checking package availability on PyPI (pypi.org). This is a standard procedure for identifying package types (pure-Python vs. native extensions) and targets a well-known, trusted technology service. No code is downloaded for execution.
Audit Metadata