Compétences python-executor
📦

python-executor

Risque moyen ⚙️ Commandes externes🌐 Accès réseau

在安全的沙盒中執行 Python 任務

Également disponible depuis: skillssh,inference-sh-9,inferen-sh

在不同環境中執行資料、網頁和媒體任務的 Python 程式碼時,安全性是一大挑戰。此技能會在受管制的沙盒環境中執行程式碼,並提供常用函式庫和檔案輸出功能。

Prend en charge: Claude Codex Code(CC)
⚠️ 60 Médiocre
1

Télécharger le ZIP du skill

2

Importer dans Claude

Allez dans Paramètres → Capacités → Skills → Importer un skill

3

Activez et commencez à utiliser

Tester

Utilisation de "python-executor". User asks for a bar chart from a two column sales table.

Résultat attendu:

Returns a confirmation message and an image file named outputs/chart.png.

Utilisation de "python-executor". User requests a quick scrape of a public page title.

Résultat attendu:

Responds with the extracted title and a short log of the request.

Utilisation de "python-executor". User wants a CSV summary from a small dataset.

Résultat attendu:

Provides a summary line and a file named outputs/summary.csv.

Audit de sécurité

Risque moyen
v1 • 2/5/2026

Documentation includes shell command examples for installing and running the CLI, including a pipe to shell installer. These are instructional and not executed by the skill itself, but they warrant caution. Network and crypto related flags appear to be documentation references without malicious intent.

1
Fichiers analysés
187
Lignes analysées
7
résultats
1
Total des audits
Problèmes à risque moyen (1)
SKILL.md:21
Pipe to shell installer command in documentation
The quick start shows a curl command piped to sh for installing the CLI. This pattern is risky because it executes downloaded content without verification. It is documentation only and not executed by the skill.
Problèmes à risque faible (4)
SKILL.md:20-149
Shell command usage examples for the CLI
The documentation includes multiple bash examples that invoke the infsh CLI. These commands are expected for a CLI driven skill and do not indicate hidden execution.
SKILL.md:84-85SKILL.md:125SKILL.md:184-186
Network request examples in documentation
Examples show HTTP requests and external URLs for scraping and API calls. This is consistent with the stated use cases and does not show data exfiltration.
SKILL.md:3-4
False positive: weak cryptographic algorithm
The flagged location is part of the description text and does not contain cryptographic code. No weak cryptography usage is present in the file.
SKILL.md:165
False positive: network reconnaissance
The flagged line is a note about safe execution and does not reference reconnaissance behavior. No recon logic is present in the documentation.

Facteurs de risque

⚙️ Commandes externes (56)
SKILL.md:20-27 SKILL.md:27-33 SKILL.md:33-40 SKILL.md:40-47 SKILL.md:47-52 SKILL.md:52 SKILL.md:52 SKILL.md:52-53 SKILL.md:53 SKILL.md:53-54 SKILL.md:54 SKILL.md:54-55 SKILL.md:55-58 SKILL.md:58 SKILL.md:58 SKILL.md:58-59 SKILL.md:59 SKILL.md:59 SKILL.md:59-62 SKILL.md:62 SKILL.md:62-63 SKILL.md:63 SKILL.md:63-66 SKILL.md:66-67 SKILL.md:67 SKILL.md:67-68 SKILL.md:68-71 SKILL.md:71 SKILL.md:71-72 SKILL.md:72 SKILL.md:72 SKILL.md:72-75 SKILL.md:75 SKILL.md:75-76 SKILL.md:76 SKILL.md:76-82 SKILL.md:82-86 SKILL.md:86-90 SKILL.md:90-94 SKILL.md:94-98 SKILL.md:98-102 SKILL.md:102-106 SKILL.md:106-111 SKILL.md:111-115 SKILL.md:115-119 SKILL.md:119-123 SKILL.md:123-127 SKILL.md:127-131 SKILL.md:131-133 SKILL.md:133-139 SKILL.md:139-143 SKILL.md:143-149 SKILL.md:149-166 SKILL.md:166 SKILL.md:166-171 SKILL.md:171-180
🌐 Accès réseau (9)
SKILL.md:84 SKILL.md:125 SKILL.md:4 SKILL.md:21 SKILL.md:84 SKILL.md:125 SKILL.md:184 SKILL.md:185 SKILL.md:186

Motifs détectés

Pipe to shell installation pattern
Audité par: codex

Score de qualité

38
Architecture
100
Maintenabilité
85
Contenu
21
Communauté
52
Sécurité
83
Conformité aux spécifications

Ce que vous pouvez construire

分析小型資料集

建立表格和圖表,並回傳檔案供審查。

驗證擷取邏輯

取得頁面並擷取特定欄位以供報告使用。

產生示範素材

為產品演示產生圖片或短影片。

Essayez ces prompts

執行簡單檢查 
Execute Python to print the pandas version and return stdout only.
擷取頁面標題 
Fetch https://example.com and return the page title as plain text.
建立圖表檔案 
Build a small bar chart from sample data and save it to outputs/chart.png.
處理大型資料集 
Use the high_memory variant, read a CSV, summarize key metrics, and save outputs/summary.csv.

Bonnes pratiques

  • Describe inputs, outputs, and file names explicitly.
  • Write artifacts to outputs/ so they are returned automatically.
  • Keep network requests limited to trusted domains.

Éviter

  • Requesting interactive plots or GUI output.
  • Running jobs that exceed the timeout window.
  • Asking to install new system packages inside the sandbox.

Foire aux questions

What Python version does the app use?
The app runs Python 3.10 in a sandboxed environment.
Can it access the internet?
Yes, the examples show HTTP requests using Python libraries.
How do I return files?
Save files to the outputs/ directory and they will be returned.
Is there a high memory option?
Yes, use the high_memory variant for larger workloads.
Can it run long interactive sessions?
No, execution is non interactive and limited by the timeout setting.
Which libraries are available?
The documentation lists many preinstalled libraries for data, web, and media tasks.

Détails du développeur

Licence

MIT

Dépôt

https://github.com/inference-sh/skills/tree/main/skills/python-executor/

Réf

main

Structure de fichiers

📄 SKILL.md