appwrite-dotnet
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTIONNO_CODE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches the official Appwrite SDK from the NuGet package registry.
- [PROMPT_INJECTION]: The skill identifies entry points for processing external data (e.g., HTTP request bodies) within Appwrite Functions, which constitutes a surface for indirect prompt injection.
- Ingestion points: Request data is accessed via
context.Req.Bodyandcontext.Req.BodyJsoninSKILL.md. - Boundary markers: No delimiters or validation logic is shown in the simplified code snippets.
- Capability inventory: The SDK facilitates database, storage, and user management operations.
- Sanitization: Input validation is not shown; developers should implement sanitization when handling untrusted request bodies.
- [NO_CODE]: The skill consists of markdown documentation and code examples without providing executable scripts or binaries.
- [SAFE]: Sensitive information like API keys and project IDs are retrieved from environment variables rather than being hardcoded.
- [SAFE]: Includes a dedicated security section on permissions and roles to prevent common misconfigurations like public write access.
Audit Metadata