managing-python-with-uv

Pass

Audited by Gen Agent Trust Hub on Jul 6, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill follows secure practices for credential management by using environment variables ($PYPI_TOKEN, $TEST_PYPI_TOKEN) for package publishing commands in references/packaging.md.
  • [COMMAND_EXECUTION]: The instructions utilize uv run to execute scripts, tests, and quality tools, which is the intended and standard functionality for this type of Python management skill.
  • [EXTERNAL_DOWNLOADS]: The skill recommends installing development tools (ruff, ty, pytest, prek) through the uv package manager, which fetches verified packages from the standard Python Package Index (PyPI).
  • [SAFE]: The project management workflows (init, sync, add) are standard for the uv ecosystem and do not exhibit suspicious patterns or privilege escalation attempts.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 6, 2026, 03:44 AM
Security Audit — agent-trust-hub — managing-python-with-uv