uv-package-manager
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE (EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides commands to download and execute installation scripts from the official Astral.sh domain.
  - Evidence: Installation scripts from 'https://astral.sh/uv/install.sh' and 'https://astral.sh/uv/install.ps1' are referenced in 'resources/implementation-playbook.md'.
- [REMOTE_CODE_EXECUTION]: The installation guide utilizes piped shell execution methods for setup.
  - Evidence: 'curl | sh' and PowerShell 'irm | iex' commands in 'resources/implementation-playbook.md' download and execute remote code to install the binary.
- [COMMAND_EXECUTION]: The implementation playbook contains extensive examples of shell commands for managing virtual environments, installing packages, and running Python scripts.
  - Evidence: Numerous 'uv' commands and activation scripts across 'resources/implementation-playbook.md'.
- [PROMPT_INJECTION]: The skill processes project configuration files, which serve as a potential surface for indirect prompt injection.
  - Ingestion points: 'pyproject.toml', 'requirements.txt', and 'uv.lock' files referenced throughout 'resources/implementation-playbook.md'.
  - Boundary markers: None identified in the command examples.
  - Capability inventory: Shell command execution via 'uv run' and the ability to install arbitrary packages.
  - Sanitization: No sanitization or validation of untrusted configuration file contents is described.
Audit Metadata