Skills
skills/dotnet/runtime/update-os-coverage/Gen Agent Trust Hub

update-os-coverage

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • External Data Retrieval: The skill fetches configuration and policy data from external sources using curl. These sources include official GitHub repositories and a well-known service for operating system lifecycle data.
  • Evidence:
  • curl -sL https://github.com/dotnet/versions/raw/refs/heads/main/build-info/docker/image-info.dotnet-dotnet-buildtools-prereqs-docker-main.json used for verifying container tags.
  • curl -sL https://github.com/dotnet/core/raw/refs/heads/main/release-notes/<dotnet-version>/supported-os.json used for checking support policy.
  • curl -s https://endoflife.date/api/<distro-id>.json used for lifecycle auditing.
  • Command Execution: The skill provides command-line snippets for searching files and validating data. These commands use standard utilities to process project-specific files.
  • Evidence:
  • Uses grep to scan for OS references in pipeline files like eng/pipelines/helix-platforms.yml and eng/pipelines/libraries/helix-queues-setup.yml.
  • Uses jq to parse and validate the JSON data retrieved from network operations.
  • Uses gh (GitHub CLI) to search for issues and create pull requests for the proposed changes.
Audit Metadata
Risk Level
SAFE
Analyzed
May 16, 2026, 02:33 AM
Security Audit — agent-trust-hub — update-os-coverage