pixi
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: Provides instructions for running shell commands and project tasks via the Pixi CLI.
- [SAFE]: The skill uses well-known technology domains and official documentation links. All package references are standard and appropriate for the context.
- [PROMPT_INJECTION]: Indirect prompt injection risk factor analysis:
- Ingestion points: Ingests untrusted data from
pixi.tomlandpixi.lockconfiguration files. - Boundary markers: No specific instructions are provided to validate the contents of the tasks before execution.
- Capability inventory: Allows shell execution through Pixi's task and environment management features.
- Sanitization: None; the skill assumes project configuration is part of a trusted environment.
Audit Metadata