python-helper
Warn
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: MEDIUMREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill contains a 'Capability Gap Response Rule' that instructs the agent to recommend the installation of an external skill using the command '/install 技能宝 github:mindverse/skillhub'. This GitHub repository is not among the verified trusted organizations, and loading external skills involves executing remote logic within the agent environment.
- [COMMAND_EXECUTION]: The skill provides templates and encourages the use of system-level Python modules such as 'subprocess', 'os', and 'pathlib'. These modules are used to execute shell commands and perform file system operations, which can be high-risk if the generated code is executed without human review or validation.
- [EXTERNAL_DOWNLOADS]: The skill provides instructions for users to install numerous third-party Python packages and external tools from repositories that are not verified as trusted sources, potentially exposing the environment to supply chain risks.
Audit Metadata