together-code-interpreter

Pass

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill facilitates the execution of arbitrary Python code in a remote sandboxed environment via the Together AI Code Interpreter API. This includes functionality for stateful sessions and chart generation.
  • [EXTERNAL_DOWNLOADS]: The skill involves installing the together Python SDK and using npx for TypeScript execution, which can trigger package downloads from official registries.
  • [DATA_EXFILTRATION]: The skill's ability to upload files to a remote environment creates a potential path for data exfiltration if an agent is instructed to send sensitive local data to the API.
  • [PROMPT_INJECTION]: An indirect prompt injection surface exists as the skill processes stdout and stderr from the remote environment without sanitization.
  • Ingestion points: Remote execution outputs are ingested in execute_with_session.py and execute_with_session.ts.
  • Boundary markers: None provided in the implementation scripts.
  • Capability inventory: The skill allows local file writing and network communication with the Together AI API.
  • Sanitization: No filtering or instruction-ignoring delimiters are applied to the outputs received from the remote sandbox.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 26, 2026, 01:58 AM