python-conventions

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill directs the agent to execute various shell commands including uv run, pytest, and ruff. While standard for development, these commands execute code defined within the project files.
  • [EXTERNAL_DOWNLOADS]: The skill mandates the use of uv add for package management, which fetches and installs dependencies from the Python Package Index (PyPI). PyPI is a well-known and standard service for the Python ecosystem.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes untrusted data (source code and project configuration).
      • Ingestion points: Processes .py files and pyproject.toml configuration files.
      • Boundary markers: No specific delimiters or warnings to ignore embedded instructions are defined for the agent when reading file content.
      • Capability inventory: The agent can execute commands (uv run), install packages (uv add), and run tests (pytest), all of which interact with the project environment.
      • Sanitization: The skill does not provide mechanisms for sanitizing or validating the content of the Python files before they are processed by the agent.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Mar 8, 2026, 05:38 PM