jupyter-live-kernel

Warn

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill clones a repository from an unverified GitHub account (https://github.com/hamelsmu/hamelnb.git) to a local directory during the setup process.
  • [REMOTE_CODE_EXECUTION]: The skill utilizes uv run to execute a script (jupyter_live_kernel.py) directly from the third-party repository downloaded in the setup phase.
  • [COMMAND_EXECUTION]: The skill provides instructions to start a JupyterLab server with authentication disabled (--IdentityProvider.token='' --ServerApp.password=''). This allows any process or user on the local system to connect to the server and execute arbitrary code via the Jupyter API.
  • [COMMAND_EXECUTION]: The primary function of the skill is to execute arbitrary Python code provided through the --code flag within a live kernel, which is a powerful capability that must be monitored for malicious input.
Audit Metadata
Risk Level
MEDIUM
Analyzed
May 16, 2026, 01:45 PM
Security Audit — agent-trust-hub — jupyter-live-kernel