api-proposal
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- Processing of External Issue Content: The skill is designed to ingest data from existing GitHub issues to generate context for new proposals. This presents a potential surface for indirect prompt injection if an issue contains conflicting instructions. Users should ensure the agent's summary of the issue aligns with the actual requirements.
- Execution of System Commands: The workflow involves running shell commands using the
dotnetandghCLI tools for tasks like building projects, generating reference assemblies, and posting comments. This behavior is necessary for the skill's functionality and assumes the environment is configured with the appropriate permissions. - Utilization of External Research Tools: The skill incorporates research steps using public developer services such as
grep.appandapisof.net. These are standard tools used to evaluate ecosystem usage and do not represent a security risk when used as described.
Audit Metadata