astropy

Pass

Audited by Gen Agent Trust Hub on May 29, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill documents the use of astropy.utils.data.download_file and astropy.io.fits (via fsspec) to access remote datasets and configuration files from external URLs and S3 buckets. These are legitimate features of the library for accessing astronomical data and Earth rotation (IERS) information.
  • [COMMAND_EXECUTION]: Instructions are provided for installing the library and its optional dependencies using uv pip. This is standard practice for setting up the required environment for the skill.
  • [DATA_EXFILTRATION]: The skill includes capabilities to read and write files and perform network requests. While these could theoretically be chained, they are documented here in the context of astronomical data processing (e.g., reading a FITS image, processing it, and saving the results). No malicious exfiltration logic was detected.
  • [SAFE]: The external resources referenced, such as the official Astropy documentation at docs.astropy.org and the source repository on GitHub, are well-known and trusted academic/scientific services.
Audit Metadata
Risk Level
SAFE
Analyzed
May 29, 2026, 12:30 PM
Security Audit — agent-trust-hub — astropy