Skills
skills/bjornmelin/dev-skills/dmc-py/Gen Agent Trust Hub

dmc-py

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The fetch_docs.py script fetches documentation data from https://www.dash-mantine-components.com/assets/llms.txt. This is a standard utility function that retrieves official technical references to assist with code generation and component search.
  • [COMMAND_EXECUTION]: The skill performs controlled shell operations using the subprocess module:
  • fetch_docs.py dynamically installs the httpx package via pip if it is not present in the environment.
  • component_search.py executes the local fetch_docs.py script to perform online searches. These operations are hardcoded or use argument lists, preventing arbitrary command injection.
  • [PROMPT_INJECTION]: The skill ingests documentation from an external URL which is then searched and provided to the agent as context. This creates a surface for indirect prompt injection if the remote documentation were to be compromised, although the current source is the official technology domain.
  • [SAFE]: No malicious patterns such as credential theft, multi-layer obfuscation, or persistence mechanisms were detected. File system activities are limited to project scaffolding and standard caching within the user's local directory.
Audit Metadata
Risk Level
SAFE
Analyzed
May 12, 2026, 08:31 PM