python-packaging
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
- EXTERNAL_DOWNLOADS (HIGH): Automated scans (URLite) identified a blacklisted malicious URL within the MANIFEST.in file. This suggests the skill is designed to pull resources from untrusted or harmful domains.
- REMOTE_CODE_EXECUTION (HIGH): Presence of a malicious URL in a package manifest is highly indicative of an attempt to execute remote code during the skill's installation or initialization phase.
Recommendations
- AI detected serious security threats
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata