pypi-ops
Pass
Audited by Gen Agent Trust Hub on Jun 21, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes local shell and Python scripts (e.g.,
publish-preflight.sh,diagnose-publish.sh) to perform packaging tasks, audit repository state, and analyze build logs. These operations are restricted to the user's workspace and intended workflows. - [EXTERNAL_DOWNLOADS]: Fetches package metadata from the official PyPI JSON API and resolves GitHub Action commit SHAs via the official GitHub API. These network operations target well-known, trusted services for validation purposes.
- [DATA_EXFILTRATION]: Accesses local configuration files (
pyproject.toml,uv.lock) and GitHub Action run logs for diagnostics. No sensitive data is transmitted to unauthorized or untrusted third-party domains; credential handling is minimized by emphasizing OIDC over stored tokens. - [PROMPT_INJECTION]: The skill includes a log diagnostic tool that processes external GitHub Action run logs. While this involves reading untrusted input, the data is processed via regex matching for error classification and is not executed or used to override agent behavior, effectively mitigating indirect injection risks.
Audit Metadata