python-development-python-scaffold
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill provides standard shell commands for project setup, including 'uv init', 'git init', and 'uv venv'. These are appropriate for the skill's purpose of local development environment initialization.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests user requirements via the '$ARGUMENTS' parameter to guide code generation. While this allows external input to influence the generated output, it is the primary intended function of a scaffolding tool. No malicious exploitation surfaces were found.
- Ingestion points: Requirements passed via $ARGUMENTS in SKILL.md.
- Boundary markers: None specified.
- Capability inventory: File writing, directory creation, and local shell execution for environment setup.
- Sanitization: Not explicitly defined within the prompt instructions.
Audit Metadata