managing-python-with-uv
Pass
Audited by Gen Agent Trust Hub on Jul 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill follows secure practices for credential management by using environment variables (
$PYPI_TOKEN,$TEST_PYPI_TOKEN) for package publishing commands inreferences/packaging.md. - [COMMAND_EXECUTION]: The instructions utilize
uv runto execute scripts, tests, and quality tools, which is the intended and standard functionality for this type of Python management skill. - [EXTERNAL_DOWNLOADS]: The skill recommends installing development tools (
ruff,ty,pytest,prek) through theuvpackage manager, which fetches verified packages from the standard Python Package Index (PyPI). - [SAFE]: The project management workflows (init, sync, add) are standard for the
uvecosystem and do not exhibit suspicious patterns or privilege escalation attempts.
Audit Metadata