python-packaging
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides standard templates and guidance for Python packaging using official tools such as
pip,twine, andbuild. No malicious commands or scripts were detected. - [SAFE]: Instructions for handling sensitive credentials, such as PyPI API tokens, correctly follow security best practices by recommending the use of environment variables, GitHub Secrets, and restricted configuration files (
.pypirc). - [SAFE]: External references to GitHub Actions and distribution tools (e.g.,
pypa/cibuildwheel) target well-known organizations and official repositories within the software development ecosystem. - [SAFE]: All included Python code snippets for CLI tools and metadata configuration are benign and serve as standard boilerplate examples.
Audit Metadata