jupyter-notebook

Pass

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill inserts user-provided titles into notebook files, creating a surface for instruction injection if the input is untrusted.
      1. Ingestion points: The title argument in the new_notebook.py script.
      2. Boundary markers: Absent in the markdown title cell.
      3. Capability inventory: The script writes to the filesystem and the skill workflow includes notebook execution.
      4. Sanitization: Filenames are slugified but markdown content is not escaped.
  • [External Downloads] (LOW): The skill recommends the installation of standard packages such as jupyterlab and ipykernel.
  • [Command Execution] (SAFE): The skill executes a bundled Python script to automate notebook generation from local templates using standard libraries.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 19, 2026, 01:39 AM