deepnote-notebook
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides Python script templates executed via shell heredocs to programmatically modify local .ipynb files. This approach is standard for the intended task of structural notebook editing.
- [PROMPT_INJECTION]: The skill processes Jupyter notebooks as external data sources, creating a surface for potential indirect prompt injection.
  - Ingestion points: Instructions specify reading and parsing local .ipynb files.
  - Boundary markers: The provided templates include neither boundary markers nor explicit instructions to ignore embedded commands.
  - Capability inventory: The skill requires local file system modification and Python script execution capabilities.
  - Sanitization: Content is transferred directly between JSON fields without intermediate sanitization to preserve the integrity of code and markdown text.