python-script
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [COMMAND_EXECUTION] (MEDIUM): The skill's primary function is to generate and run Python scripts locally using `uv run`. This represents a significant capability for arbitrary code execution, though it is the stated purpose of the skill.
  - Evidence: Workflow step 5 in `SKILL.md` and the provided script template in `references/script-template.md` demonstrate the intent to execute generated logic.
- [REMOTE_CODE_EXECUTION] (LOW): The skill uses the `uv` tool to automatically download and install Python packages listed in the script's metadata. While the template uses standard packages, this mechanism allows the execution of code from external registries.
  - Evidence: Dependency list in `references/script-template.md` includes `click`, `rich`, and `requests`, which are fetched at runtime.
- [EXTERNAL_DOWNLOADS] (LOW): The skill performs external network requests to fetch dependencies and linting tools from PyPI during the development and execution phases.
  - Evidence: Workflow step 4 (`uvx ruff`) and step 5 (`uv run`) rely on external package availability.
- [PROMPT_INJECTION] (LOW): As a tool that processes external data and API responses, it provides a surface for indirect prompt injection. The skill includes instructions to mitigate this risk through input validation.
  - Evidence: Safety practices in `SKILL.md` explicitly mention validating API responses and external inputs.
Audit Metadata