packaging-python-libraries

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [Prompt Injection] (SAFE): No malicious instructions, bypass attempts, or role-play patterns detected. All instructions are focused on Python packaging documentation.
  • [Data Exposure & Exfiltration] (SAFE): No sensitive data exposure. The skill correctly uses placeholders for API tokens (pypi-xxx...) and points users to official PyPI documentation for token management.
  • [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill references standard, well-known Python utilities (build, twine, setuptools). All GitHub Actions used in the examples are from the official actions and pypa organizations.
  • [Privilege Escalation] (SAFE): No use of sudo or other privilege-altering commands. Installation commands use standard pip usage.
  • [Indirect Prompt Injection] (SAFE): The skill is primarily static documentation and does not present an attack surface for processing untrusted data into instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:29 PM