Skills
skills/akiselev/altium-cli/ilspy-cli/Gen Agent Trust Hub

ilspy-cli

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: Surface for indirect prompt injection detected in the assembly analysis workflow.
  • Ingestion points: Untrusted data enters the agent context via the ASSEMBLY file argument in commands like decompile, search, and list as defined in SKILL.md.
  • Boundary markers: Absent. The skill definition does not specify any delimiters or instructions to ignore instructions embedded within the processed assembly data.
  • Capability inventory: The skill allows execution of the ilspy command-line tool which performs file reads and analysis (defined in SKILL.md).
  • Sanitization: Absent. No sanitization or validation of the decompiled output is performed before it is presented to the agent.
  • [COMMAND_EXECUTION]: The tool performs dynamic loading of an external library for its operation.
  • The ilspy CLI loads a bridge DLL (IlSpyBridge.dll) at runtime to interface with the .NET decompiler logic.
  • The search path for this DLL can be overridden by the user-defined environment variable ILSPY_BRIDGE_DIR, allowing for dynamic loading from computed paths.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 13, 2026, 05:37 AM
Security Audit — agent-trust-hub — ilspy-cli