Skills
skills/clockworklabs/spacetimedb/csharp-client/Gen Agent Trust Hub

csharp-client

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions to install the SpacetimeDB.ClientSDK NuGet package, which is a resource provided by the vendor.
  • [DATA_EXPOSURE_AND_EXFILTRATION]: A code example in SKILL.md demonstrates saving an authentication token to a plain text file (auth_token.txt), which is an insecure practice for managing credentials.
  • [INDIRECT_PROMPT_INJECTION]:
  • Ingestion points: The skill uses callbacks such as OnInsert and OnSendMessage in SKILL.md to process data received from the SpacetimeDB database.
  • Boundary markers: The skill does not provide markers or instructions to isolate or verify data received from the database.
  • Capability inventory: The provided examples include filesystem operations like File.WriteAllText in SKILL.md.
  • Sanitization: There is no evidence of sanitization or validation performed on the data ingested from the external database source.
Audit Metadata
Risk Level
SAFE
Analyzed
May 13, 2026, 08:52 PM
Security Audit — agent-trust-hub — csharp-client