Skills
skills/daviddwlee84/agent-skills/streamlit-to-marimo/Gen Agent Trust Hub

streamlit-to-marimo

Pass

Audited by Gen Agent Trust Hub on Apr 23, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill's primary function is to ingest and process untrusted data (Streamlit source code), which creates a surface for indirect prompt injection.
  • Ingestion points: The skill instructs the agent to read external Streamlit application files (SKILL.md).
  • Boundary markers: The instructions do not define specific delimiters or instructions to ignore potential commands embedded within the input code or its comments.
  • Capability inventory: The agent has the capability to write new files (marimo notebooks) and execute CLI tools.
  • Sanitization: The skill does not specify any sanitization, validation, or escaping procedures for the content of the input Streamlit files.
  • [COMMAND_EXECUTION]: The skill utilizes the uvx marimo check command to validate the converted notebook. This is an execution of the well-known uv tool and marimo library for legitimate development purposes.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 23, 2026, 07:26 AM
Security Audit — agent-trust-hub — streamlit-to-marimo