python
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documents the installation of standard Python development tooling from official and well-known sources. Instructions include downloading the 'uv' package manager and 'ruff' linter/formatter from the astral.sh domain, which belongs to Astral Software, a reputable maintainer in the ecosystem. It also references official Python distributions from python.org.
- [REMOTE_CODE_EXECUTION]: The documentation provides standard setup commands that involve piping remote scripts to a shell (e.g., 'curl ... | sh' and 'irm ... | iex') for 'uv' and 'ruff'. These scripts originate from the official domains of well-known developers and are the recommended installation methods for these tools.
- [COMMAND_EXECUTION]: The skill provides numerous examples of local CLI commands (e.g., 'uv init', 'uv run', 'pytest') for managing projects and running tests. These are routine development workflows and do not involve autonomous execution of dangerous commands.
Audit Metadata