jupyter-notebook
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses local templates and scripts to automate notebook creation. All operations are confined to the local filesystem and use standard tools.
- [COMMAND_EXECUTION]: The skill executes a bundled Python script (
new_notebook.py) to automate the creation of notebook files. This is a legitimate use of internal scripts for scaffolding purposes. - [EXTERNAL_DOWNLOADS]: The documentation suggests installing well-known packages like
jupyterlabandipykernelfrom standard registries, which are trusted sources. - [PROMPT_INJECTION]: The skill was evaluated for indirect prompt injection surfaces (Category 8). It ingests agent-provided titles into notebook markdown cells. This is a core function of the scaffolding script and is implemented using standard JSON manipulation without execution risk.
Audit Metadata