python-cli-patterns
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides educational content and a production-ready template for Python CLI development. All code snippets are benign and follow best practices.
- [DATA_EXPOSURE]: The skill includes examples of reading configuration from environment variables (e.g.,
DB_PASSWORD,DATABASE_URL) and XDG-compliant directories (e.g.,~/.config/myapp). These are documented as standard configuration patterns and do not involve credential exfiltration or hardcoded secrets. - [EXTERNAL_DOWNLOADS]: The skill references common, reputable Python libraries including
typer,rich,pydantic-settings, andtomllib. No unverifiable dependencies or remote script executions are present. - [INDIRECT_PROMPT_INJECTION]: The CLI template in
assets/cli-template.pyincludes a file processing command. This represents a standard data ingestion surface for CLI tools. The capability is restricted to reading/writing files as specified by the user and does not pose an elevated risk in this context.
Audit Metadata