setting-up-python-projects

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The scripts/bootstrap.py script utilizes subprocess.run to automate environment setup tasks, specifically running uv sync and installing pre-commit hooks.
  • [EXTERNAL_DOWNLOADS]: The skill fetches configuration templates (e.g., pyproject.toml, AGENTS.md) from the author's public GitHub repository (quick-brown-foxxx/coding_rules_python).
  • [PROMPT_INJECTION]: The skill creates project-specific documentation and configuration files based on external templates. This creates a surface for indirect prompt injection, where instructions in templates (like AGENTS.md) could influence agent behavior.
      • Ingestion points: Project templates are sourced from the quick-brown-foxxx/coding_rules_python repository.
      • Boundary markers: Content is integrated into the local project structure without specific delimiters.
      • Capability inventory: Includes file system modifications and execution of environment setup commands in scripts/bootstrap.py and via the uv tool.
      • Sanitization: External templates are utilized as provided by the author's repository without additional filtering.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 9, 2026, 08:52 PM