python-practice
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses various shell commands to manage the learning environment. These include `git clone` to pull the practice workspace, `mkdir` and `cd` for directory management, and `git commit` to record progress. All commands are targeted at the designated practice path `/home/laborant/repos/python-practice`.
- [EXTERNAL_DOWNLOADS]: Downloads a practice workspace from a public GitHub repository belonging to the author (`nrayyagari/python-practice`). This is used to provide the user with a structured environment for exercises.
- [REMOTE_CODE_EXECUTION]: The core functionality involves generating Python scripts and then executing them using `python` or `pytest`. While this involves running dynamically created code, it is the intended behavior for an automated tutor to verify user solutions.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by reading the `learning-log.md` file located in the user's local repository. This file influences exercise generation logic.
  - Ingestion points: Reads `learning-log.md` in Step 4 of the workflow to adapt exercises.
  - Boundary markers: Absent; the skill is instructed to scan the log for mistakes and concepts.
  - Capability inventory: The agent can write files and execute Python code via shell commands.
  - Sanitization: No specific sanitization or escaping of the log content is mentioned before it is processed by the model.
Audit Metadata