health-check
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill creates an indirect prompt injection surface by processing untrusted external project files as part of its audit function.
  - Ingestion points: .NET source code files (.cs) and project configuration files (.csproj, .sln) from the codebase being analyzed.
  - Boundary markers: The skill does not define specific delimiters or instructions to prevent the agent from obeying instructions embedded within the analyzed code.
  - Capability inventory: The skill utilizes dotnet build, dotnet list package, and various Roslyn-based static analysis tools (e.g., detect_antipatterns, find_dead_code).
  - Sanitization: No explicit sanitization or validation of the codebase content is performed prior to the analysis or build steps.
- [COMMAND_EXECUTION]: The skill invokes dotnet build and dotnet list package to assess project health and security. These are standard CLI tools used for their intended diagnostic purpose within the .NET ecosystem.
Audit Metadata