uv
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a documentation guide for 'uv', an industry-standard Python tool developed by Astral. The instructions reflect typical developer workflows for package management and script execution.\n- [EXTERNAL_DOWNLOADS]: The documentation references common and trusted Python libraries like 'requests', 'rich', and 'httpx' from public registries. It also outlines the legitimate use of alternative package indices via the '--index' flag for custom repository configurations.\n- [COMMAND_EXECUTION]: The skill explains how to execute Python scripts using 'uv run', covering various methods including local file execution, piped input from stdin, and scripts containing inline metadata or shebangs.\n- [PROMPT_INJECTION]: No evidence was found of prompt injection attempts, instructions to override agent safety guidelines, or deceptive metadata designed to misdirect the AI agent.
Audit Metadata