python-repl
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The skill facilitates an interactive Python REPL environment. By design, this provides the agent with the ability to execute arbitrary Python code, including system commands via standard libraries.
- [PROMPT_INJECTION] (HIGH): High susceptibility to Indirect Prompt Injection. The skill specifically highlights workflows for reading external files (e.g., pd.read_csv) and inspecting their contents. If an attacker provides a malicious file, instructions hidden within the data could be interpreted by the agent as commands, leading to unauthorized actions.
- [EXTERNAL_DOWNLOADS] (LOW): Relies on common, reputable Python libraries (ipython, numpy, pandas) which are generally considered safe dependencies.
Recommendations
- AI detected serious security threats
Audit Metadata