analyzing-dotnet-performance
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes local shell commands, specifically
grepandwc, to perform static analysis of C# source files. These operations are restricted to pattern matching for performance auditing and do not involve network requests or modification of system files.- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted user-provided source code which could contain adversarial instructions. - Ingestion points: Source code files, repository paths, and code blocks are ingested for analysis in Step 1.
- Boundary markers: Absent; the instructions do not require the agent to wrap or delimit the analyzed content with safety markers.
- Capability inventory: The skill's capabilities are limited to read-only file system operations (
grep) and providing a performance report. - Sanitization: Absent; the skill performs direct pattern matching on the raw source code content without filtering for potential injection strings.
Audit Metadata