uv
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFENO_CODECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [NO_CODE]: The skill package is composed entirely of Markdown files (SKILL.md, build.md, scripts.md) and does not contain any executable scripts, binaries, or active code components.
- [COMMAND_EXECUTION]: The documentation provides standard CLI examples for the 'uv' tool, such as running scripts and adding dependencies. These instructions are intended for user guidance and do not represent malicious command injection.
- [EXTERNAL_DOWNLOADS]: The skill describes the legitimate functionality of 'uv' to download Python packages from registries. It uses 'https://example.com' as a placeholder for custom index configuration, which is safe and standard in technical documentation.
Audit Metadata