Oathe Security Badge

Is awesome_agent_skills/python-expert safe?

https://github.com/Shubhamsaboo/awesome-llm-apps/tree/main/awesome_agent_skills/python-expert

94
SAFE

This is a legitimate Python development assistant skill containing educational content about Python best practices, coding standards, and development workflows. The skill consists only of markdown documentation files with no executable code or malicious functionality.

Category Scores

Prompt Injection 98/100 · 30%
Data Exfiltration 87/100 · 25%
Code Execution 100/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 95/100 · 10%
Behavioral Reasoning 95/100 · 5%

Findings (2)

LOW Sensitive Files Accessed During Installation -13

Multiple sensitive canary files (.env, SSH keys, AWS credentials, etc.) were accessed during the skill installation process. However, the files were opened read-only, and no modification or exfiltration was detected.

INFO Clean Educational Content -2

The skill contains comprehensive Python development guidelines and best practices with no signs of prompt injection or malicious instructions.