Skills
skills/im5tu/claude/dotnet-source-gen-json/Gen Agent Trust Hub

dotnet-source-gen-json

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted local source files to identify data types for serialization, creating an indirect prompt injection surface where malicious code comments or identifiers could attempt to influence agent behavior.
  • Ingestion points: Project source files are scanned using Grep and Read (SKILL.md steps 3-5).
  • Boundary markers: None; the skill does not use delimiters or instructions to ignore instructions embedded within the source files.
  • Capability inventory: Bash(dotnet:*), Read, Glob, Grep.
  • Sanitization: None; extracted strings are used directly in code templates without validation.
  • [COMMAND_EXECUTION]: Executes dotnet build to verify the generated source generation context. This is the primary intended purpose of the skill.
  • [EXTERNAL_DOWNLOADS]: References official Microsoft documentation to assist the user.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 07:07 PM
Security Audit — agent-trust-hub — dotnet-source-gen-json