python-development-python-scaffold

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The skill utilizes standard project initialization commands such as 'uv init', 'git init', and 'uv venv'. These are routine development operations performed locally within the project directory.
  • [EXTERNAL_DOWNLOADS] (SAFE): The listed dependencies (FastAPI, Django, Ruff, etc.) are well-known, reputable packages from the official Python Package Index (PyPI). The use of 'uv' for dependency management is a secure modern practice.
  • [CREDENTIALS_UNSAFE] (SAFE): The '.env.example' file correctly uses placeholders like 'your-secret-key-here' and generic database connection strings, ensuring no real secrets are exposed in the templates.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill ingests user requirements to determine project types. While it does not explicitly define sanitization for user-provided project names, the generated output is static code structure, posing minimal risk in a development context.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 05:53 PM