managing-python-with-uv

Pass

Audited by Gen Agent Trust Hub on Jul 6, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements a secure posture for Python development by utilizing the uv toolchain for project initialization and dependency management.
  • [SAFE]: Instructions for quality assurance leverage industry-standard tools like ruff and pytest, along with specific utilities for type checking and hook running.
  • [SAFE]: Security best practices are followed regarding credential management, explicitly directing the use of environment variables for PyPI tokens instead of hardcoding values.
  • [SAFE]: The packaging workflow includes verification steps such as inspecting wheel contents and testing installations from built artifacts to ensure integrity before release.
  • [SAFE]: Standalone script patterns use uv's inline metadata and lockfile features to ensure reproducibility and clear dependency declaration without modifying the global system environment.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 6, 2026, 05:19 AM
Security Audit — agent-trust-hub — managing-python-with-uv