uv-package-manager

Enhances Python project workflows with uv for fast dependency management and virtual environment creation.

Install this skill

71/100

Security score

The uv-package-manager skill was audited on Mar 8, 2026 and we found 7 security issues across 4 threat categories, including 1 high-severity. Review the findings below before installing.

Categories Tested

Security Issues

medium line 660

Template literal with variable interpolation in command context

SourceSKILL.md

660

```json

high line 58

Piping content to sh shell

SourceSKILL.md

58	curl -LsSf https://astral.sh/uv/install.sh \| sh

medium line 58

Curl to non-GitHub URL

SourceSKILL.md

58	curl -LsSf https://astral.sh/uv/install.sh \| sh

low line 491

Access to hidden dotfiles in home directory

SourceSKILL.md

491	# Linux: ~/.cache/uv

low line 683

Access to hidden dotfiles in home directory

SourceSKILL.md

683	echo 'export PATH="$HOME/.cargo/bin:$PATH"' >> ~/.bashrc

low line 58

External URL reference

SourceSKILL.md

58	curl -LsSf https://astral.sh/uv/install.sh \| sh

low line 61

External URL reference

SourceSKILL.md

61	powershell -c "irm https://astral.sh/uv/install.ps1 \| iex"

Scanned on Mar 8, 2026

View Security Dashboard

Install this skill with one command

/learn @wshobson/uv-package-manager

GitHub Stars 30.6K

Rate this skill

Categorydevelopment

UpdatedMarch 29, 2026

openclaw backend api backend-developer data-engineer devops-sre development

python-development wshobson/agents