poetry-rye-dependency-management
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE (PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the processing of untrusted project data.
  - Ingestion points: The agent is directed to read pyproject.toml files using Glob, Grep, and Read tools, and to maintain state in .claude/context/memory/learnings.md.
  - Boundary markers: No explicit markers are provided to separate instructions from untrusted file content.
  - Capability inventory: The skill utilizes Bash, Write, and Edit tools which can execute commands and modify files.
  - Sanitization: There are no instructions for sanitizing or validating content from configuration files before tool execution.
- [EXTERNAL_DOWNLOADS]: The skill documentation describes standard CI/CD workflows that download tools from well-known registries and use official GitHub Actions from trusted organizations like the actions organization. These references follow established best practices for development workflows.