ilspy-cli
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. It ingests untrusted .NET assemblies and decompiles them into human-readable C# source code, which is then provided to the agent's context. A malicious binary could contain embedded instructions in its metadata or source comments designed to manipulate the agent. \n
- Ingestion points: Binary files processed by
ilspy decompile,ilspy search, andilspy list. \n - Boundary markers: No delimiters or explicit instructions to ignore embedded content are mentioned in the skill. \n
- Capability inventory: Shell command execution via the
ilspybinary. \n - Sanitization: No sanitization or filtering of the decompiled output is performed before it is presented to the agent. \n- [COMMAND_EXECUTION]: The skill executes the
ilspycommand-line tool. It supports customizing the search path for the required C# bridge DLL via theILSPY_BRIDGE_DIRenvironment variable, which influences the tool's runtime initialization and library loading. \n- [EXTERNAL_DOWNLOADS]: The documentation references the official Microsoft .NET download page as a resource for installing necessary runtimes.
Audit Metadata