python-packaging-static-audit
// Run hexora static analysis on a Python package repository to detect suspicious code patterns, then triage findings with deterministic rules and AI reasoning to produce a structured risk report section.
| name | python-packaging-static-audit |
| description | Run hexora static analysis on a Python package repository to detect suspicious code patterns, then triage findings with deterministic rules and AI reasoning to produce a structured risk report section. |
| allowed-tools | Bash Read Grep |
Runs hexora static analysis on a Python package repository to detect suspicious code patterns such as code execution, encoding/serialization, and native code usage. Produces a self-contained "Hexora Static Analysis" report section with triaged findings and a risk assessment.
RISK_RATING:<value> so the orchestrator can parse it without reading the full report.

Run the wrapper script which handles hexora installation and applies the tuned rule exclusions:

```bash
./scripts/run-hexora.sh <repo-path>
hexora_exit=$?
```
Check the exit code before proceeding:
uvx.
Do not fail. Skip to the Output section and produce the report with risk_rating = needs_review stating hexora was unavailable.
risk_rating = needs_review noting the error.

The wrapper filters out rules that are too noisy for typical Python packages and sets a minimum confidence of medium. See the script comments for the full exclusion list and rationale.
Review hexora findings in context. Read the relevant source files to understand the purpose of flagged code. Triage proceeds in two stages: deterministic rules first, then AI reasoning for anything unresolved.
Apply the following rules before any AI reasoning. These handle the most common clear-cut cases and make the triage reproducible.
| Condition | Verdict |
|---|---|
| Finding is in a file under test/, tests/, benchmarks/, or examples/ | PASS |
| Finding references a standard-library import already excluded by run-hexora.sh rule set | PASS |
| Finding is in setup.py, setup.cfg, or pyproject.toml and involves eval, exec, compile, base64, or marshal | REVIEW |
When multiple findings produce different verdicts, the overall precedence is BLOCK > REVIEW > PASS — the most severe verdict wins.
Any finding not resolved by Stage 1 proceeds to Stage 2.
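The Stage 1 table and precedence rule, as an added Python example (not code from the skill or from hexora). The finding fields `file` and `description` and the sample findings are constructed assumptions; the standard-library exclusion rule is omitted because its list lives in run-hexora.sh, and applying "most severe wins" to a single finding that matches two rules is also an assumption.

```python
import re
from pathlib import PurePosixPath

# Severity order stated on the page: BLOCK > REVIEW > PASS.
SEVERITY = {"PASS": 0, "REVIEW": 1, "BLOCK": 2}
NON_SHIPPING_DIRS = {"test", "tests", "benchmarks", "examples"}
BUILD_FILES = {"setup.py", "setup.cfg", "pyproject.toml"}
SENSITIVE = re.compile(r"\b(eval|exec|compile|base64|marshal)\b", re.IGNORECASE)

# Constructed sample findings (assumed shape, not hexora's real output schema).
SAMPLE_FINDINGS = [
    {"file": "tests/test_cli.py", "description": "exec call"},
    {"file": "setup.py", "description": "Base64 decode in install hook"},
    {"file": "examples/setup.py", "description": "eval of string"},
    {"file": "src/pkg/cli.py", "description": "subprocess call"},
]


def stage1_verdict(finding):
    """Return 'PASS' or 'REVIEW', or None when the finding goes to Stage 2."""
    path = PurePosixPath(finding["file"])  # repo-relative POSIX path assumed
    verdicts = []
    # Rule: the file sits under a test, benchmark or example directory.
    if NON_SHIPPING_DIRS & set(path.parts[:-1]):
        verdicts.append("PASS")
    # Rule: build metadata file involving dynamic execution or encoding.
    if path.name in BUILD_FILES and SENSITIVE.search(finding["description"]):
        verdicts.append("REVIEW")
    if not verdicts:
        return None
    return max(verdicts, key=SEVERITY.__getitem__)


def triage(findings):
    """Return (overall Stage 1 verdict or None, findings left for Stage 2)."""
    resolved, unresolved = [], []
    for finding in findings:
        verdict = stage1_verdict(finding)
        if verdict is None:
            unresolved.append(finding)
        else:
            resolved.append(verdict)
    overall = max(resolved, key=SEVERITY.__getitem__, default=None)
    return overall, unresolved
```
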
For findings that remain unresolved after deterministic rules, classify each as:
subprocess in a CLI tool)
base64 decode in setup.py)

Produce the following markdown section:
## Hexora Static Analysis
**Findings:** {N total} ({X critical, Y suspicious, Z likely legitimate})
### Critical Findings
| File | Line | Rule | Confidence | Description | Triage |
|------|------|------|------------|-------------|--------|
| setup.py | 42 | HX2000 | Very High | Base64 decode in install hook | Suspicious — no legitimate reason for encoded payloads in setup.py |
### Suspicious Findings
(same table format)
### Likely Legitimate
(same table format, brief — included for completeness but de-emphasized)
The risk_rating for this phase is one of:
If output_file is provided, write the file with the first line as
RISK_RATING:<value> followed by a blank line and then the markdown section
above. If output_file is not provided, return the report section inline.
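Both sides of the output_file contract described above, as an added Python example (not code from the skill). The function names are hypothetical, and falling back to needs_review when the header is missing or malformed is an assumption that mirrors how the page treats tool errors.

```python
import re
from pathlib import Path

HEADER = re.compile(r"RISK_RATING:([a-z_]+)")
FALLBACK = "needs_review"  # assumption: fail closed on an unreadable header


def write_report(output_file, risk_rating, markdown_section):
    """Write RISK_RATING:<value>, a blank line, then the markdown section."""
    if not re.fullmatch(r"[a-z_]+", risk_rating):
        raise ValueError(f"invalid risk_rating: {risk_rating!r}")
    Path(output_file).write_text(
        f"RISK_RATING:{risk_rating}\n\n{markdown_section.rstrip()}\n",
        encoding="utf-8",
    )


def read_risk_rating(output_file):
    """Orchestrator side: read only the two header lines, not the report."""
    try:
        with open(output_file, encoding="utf-8") as fh:
            first, second = fh.readline(), fh.readline()
    except OSError:
        return FALLBACK
    match = HEADER.fullmatch(first.rstrip("\n"))
    # The second line must be blank, otherwise the file does not follow
    # the layout and the first line cannot be trusted as a header.
    if match is None or second.strip():
        return FALLBACK
    return match.group(1)
```
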
| Scenario | Behavior |
|---|---|
| Hexora returns empty results | Report "no findings" for hexora section, risk_rating = no_issues |
| Hexora is unavailable (uvx and hexora both missing) | Report hexora unavailable, risk_rating = needs_review |