csharp-diagnose
Warn
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: MEDIUMCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill constructs and executes shell commands that include variables such as
<solution>.slnand<paths>derived from the file system. If an attacker can control file or directory names within the repository (e.g., via a malicious Pull Request), they could inject shell metacharacters to execute arbitrary commands. - Evidence in
SKILL.md: jb inspectcode <solution>.sln ...(Step 3)similarity-csharp -p <paths> ...(Step 3)jq ... results.sarif(Step 4)- [INDIRECT_PROMPT_INJECTION]: The skill ingests and processes untrusted data from tool outputs and source code files to generate a report, which could be used to influence the agent's subsequent behavior if the code contains malicious instructions.
- Ingestion points: Reads
results.sarifand console output fromsimilarity-csharp(Step 4). - Boundary markers: Absent; the skill does not use delimiters or instructions to ignore embedded content in the analyzed data.
- Capability inventory: Shell execution (
jb,similarity-csharp,jq,rm) and file system access. - Sanitization: None detected for the data processed from the SARIF results or console output.
Audit Metadata