notebook-cli
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill mandates the use of its own CLI ('nb') over standard agent tools like Read or NotebookEdit. It also processes Jupyter notebook files which can contain untrusted data.
  - Ingestion points: 'nb read' and 'nb search' commands
  - Boundary markers: uses '@@notebook' and '@@cell' sentinels with JSON metadata
  - Capability inventory: includes code execution ('nb execute'), cell modification, and shell command substitution
  - Sanitization: no specific sanitization of notebook content is described
- [COMMAND_EXECUTION]: The skill instructions utilize shell command substitution ('$(nb status --python)') to dynamically execute commands in the appropriate Python environment.
- [REMOTE_CODE_EXECUTION]: The skill allows for the execution of arbitrary code within Jupyter notebooks, including support for remote notebook servers via URLs and authentication tokens.
Audit Metadata