notebook-to-pipeline-surgeon

Pass

Audited by Gen Agent Trust Hub on Jul 3, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/quick_validate_skill.py utilizes subprocess.run to execute the local contract test file tests/test_skill_contract.py. This is a standard validation practice within development-oriented skills and safely uses sys.executable to ensure the same Python environment is maintained.
  • [DYNAMIC_EXECUTION]: The test file tests/test_skill_contract.py uses the compile() function to verify that all Python scripts in the skill folder are syntactically correct. It does not call exec() or eval() on the resulting code objects, which is a safe and common method for static syntax validation.
  • [INDIRECT_PROMPT_INJECTION]: This skill is designed to ingest and process Jupyter notebooks (.ipynb), which constitutes an untrusted data surface. To mitigate risks, the skill includes a dedicated auditing script scripts/notebook_repro_audit.py that specifically scans for and flags risky content within notebooks, such as shell command execution, absolute file paths, and network download requests (requests, wget, curl). This represents a proactive security measure against indirect injection via data processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 3, 2026, 09:30 AM
Security Audit — agent-trust-hub — notebook-to-pipeline-surgeon