prioritize-python-3-10-features
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted Python source code.
- Ingestion points: The agent reads files matching the '**/*.py' glob pattern as defined in SKILL.md.
- Boundary markers: There are no explicit instructions or delimiters used to prevent the agent from following malicious instructions embedded in code comments.
- Capability inventory: The agent utilizes Read, Write, and Edit tools which could be exploited if an injection is successful.
- Sanitization: No input sanitization or validation of the code content is performed.
- [COMMAND_EXECUTION]: The skill contains a 'Memory Protocol' that explicitly instructs the agent to execute a shell command.
- Evidence: The command 'cat .claude/context/memory/learnings.md' is specified in the SKILL.md file as a mandatory starting step for the agent.
Audit Metadata