Skills
skills/modular/skills/mojo-python-interop/Gen Agent Trust Hub

mojo-python-interop

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFEREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill documents the use of Python.evaluate(), a standard Mojo function that enables the evaluation of Python expressions and scripts. While used here for legitimate interop, it provides a technical mechanism for dynamic code execution.\n- [PROMPT_INJECTION]: The skill facilitates the ingestion of data from the Python environment into the Mojo agent context through PythonObject conversions and module imports. \n
  • Ingestion points: Python.import_module(), Python.evaluate(), and PythonObject type casting.\n
  • Boundary markers: Absent; the examples do not include delimiters or instructions to ignore embedded content within Python-sourced data.\n
  • Capability inventory: Includes arbitrary Python code execution via evaluate, path manipulation via add_to_path, and binary module creation via PythonModuleBuilder.\n
  • Sanitization: No sanitization or validation of data returned from the Python environment is demonstrated in the examples.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 11, 2026, 06:43 PM