python-code-style
Pass
Audited by Gen Agent Trust Hub on May 28, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands using pixi run ruff for formatting and linting. These operations are restricted to the local development environment and the specific Ruff utility as part of the intended workflow.
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data access were identified. The skill implements a safety guardrail limiting the agent to a maximum of two fix attempts per file to prevent infinite loops.
- [PROMPT_INJECTION]: The skill processes external Python files, which represents a potential indirect prompt injection surface. However, the agent's task is narrowly defined to applying stylistic fixes based on structured linter output.
- Ingestion points: Python source files (.py) provided in the workspace.
- Boundary markers: Absent; there are no explicit delimiters between code content and agent instructions.
- Capability inventory: Shell command execution via pixi and file system write access to apply code changes.
- Sanitization: Absent; the agent relies on context and the specific diagnostics provided by the Ruff tool to perform its task.
Audit Metadata