netarchtest

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands including dotnet add, dotnet test, and rg (ripgrep) to manage project dependencies, run tests, and search the codebase for existing configurations.
  • [EXTERNAL_DOWNLOADS]: The skill downloads and installs the NetArchTest.Rules and NetArchTest.eNhancedEdition packages from the NuGet package registry. These are well-known libraries in the .NET ecosystem used for architecture enforcement.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted data from the repository's source code and configuration files, specifically the AGENTS.md file, which is used to define scope and constraints. The skill lacks explicit boundary markers or sanitization to prevent malicious instructions embedded in these files from influencing the agent's execution.
    • Ingestion points: AGENTS.md, *.csproj files, and local source code analyzed via rg.
    • Boundary markers: None (instructions do not specify delimiters for external content).
    • Capability inventory: dotnet add, dotnet test, and file system search (rg).
    • Sanitization: None detected.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 22, 2026, 02:18 AM