datalore-notebook
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses the
uvtool to manage its dependencies,keyringandrequests. These are standard, industry-recognized libraries for secure credential storage and HTTP communication. - [SAFE]: Authentication is handled using security best practices. It supports
DATALORE_API_TOKENenvironment variables and interactive OAuth PKCE browser login. Secrets are stored locally in the system's secure keychain via thekeyringlibrary rather than in plain text files. - [SAFE]: The CLI script (
scripts/datalore) performs network operations to Datalore API endpoints (defaulting todatalore.jetbrains.com) to manage cells, files, and kernels. These operations are necessary for the skill's functionality and target the vendor's official domain. - [SAFE]: The skill's core functionality involves executing code (Python, SQL) and managing data within the remote Datalore notebook environment. This behavior is transparently documented and aligned with the skill's primary objective of data analysis and notebook management.
- [INDIRECT_PROMPT_INJECTION]: The skill has the capability to read cell outputs and file contents from the Datalore notebook. If an attacker-controlled notebook is processed, it could contain malicious instructions. This is a common attack surface for data-processing tools, and the risk is mitigated by the agent's internal safety guardrails.
Audit Metadata