dotnet-testing-advanced-webapi-integration-testing

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The DatabaseManager.cs template utilizes an unsafe SQL construction pattern in the SeedProductAsync method.
      • Evidence: The method builds an INSERT statement using string interpolation: $@"INSERT INTO products ... VALUES ('{id}', '{name}', {price}, ...)" in templates/database-manager.cs.
      • Risk: This approach is vulnerable to SQL injection. If the name parameter contains untrusted input (e.g., from a test case derived from external data), it could allow execution of arbitrary SQL commands against the test database.
  • [EXTERNAL_DOWNLOADS]: The skill configuration pulls external container images to establish the testing environment.
      • Evidence: WithImage("postgres:16-alpine") and WithImage("redis:7-alpine") are defined in templates/test-web-application-factory.cs and references/test-infrastructure.md.
      • Note: These are official images from Docker Hub, a well-known service, and are required for the skill's primary function of multi-container integration testing.
  • [DATA_EXPOSURE]: The skill interacts with local SQL script files to initialize the database schema.
      • Evidence: EnsureTablesExistAsync in templates/database-manager.cs reads files from Path.Combine(AppContext.BaseDirectory, "SqlScripts").
      • Note: This is a standard and safe operation for initializing test databases from static assets provided within the project structure.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 1, 2026, 12:48 PM