nuget-trusted-publishing

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references official GitHub Actions from trusted organizations including actions/checkout, actions/setup-dotnet, and NuGet/login. It also references softprops/action-gh-release, which is a well-known community action for managing GitHub releases.
  • [INDIRECT_PROMPT_INJECTION]: The skill has a data ingestion surface: it reads repository configuration files such as .csproj, Directory.Build.props, and .mcp/server.json to extract package metadata.
    • Ingestion points: Reads project configuration and metadata files (SKILL.md, references/package-types.md).
    • Boundary markers: Absent; the agent assumes the content of these files is valid project configuration.
    • Capability inventory: The skill uses shell execution (bash/powershell), file creation/editing, and the ask_user tool for interaction.
    • Sanitization: Uses standard string extraction via sed to identify version numbers and property values, which limits the execution of arbitrary embedded instructions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 20, 2026, 07:12 PM