notebook-to-pipeline-surgeon
Pass
Audited by Gen Agent Trust Hub on Jul 3, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The script
scripts/quick_validate_skill.pyutilizessubprocess.runto execute the local contract test filetests/test_skill_contract.py. This is a standard validation practice within development-oriented skills and safely usessys.executableto ensure the same Python environment is maintained. - [DYNAMIC_EXECUTION]: The test file
tests/test_skill_contract.pyuses thecompile()function to verify that all Python scripts in the skill folder are syntactically correct. It does not callexec()oreval()on the resulting code objects, which is a safe and common method for static syntax validation. - [INDIRECT_PROMPT_INJECTION]: This skill is designed to ingest and process Jupyter notebooks (
.ipynb), which constitutes an untrusted data surface. To mitigate risks, the skill includes a dedicated auditing scriptscripts/notebook_repro_audit.pythat specifically scans for and flags risky content within notebooks, such as shell command execution, absolute file paths, and network download requests (requests,wget,curl). This represents a proactive security measure against indirect injection via data processing.
Audit Metadata