Skills
skills/managedcode/dotnet-skills/template-instantiation/Snyk

template-instantiation

Warn

Audited by Snyk on Apr 11, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The skill explicitly installs and instantiates template packages from public sources (see "Step 6: Template package management" with the dotnet new install Microsoft.DotNet.Web.ProjectTemplates.10.0 command), which causes the agent to fetch and preview/create third-party template files that it reads and acts on, so untrusted template content could influence subsequent actions.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 11, 2026, 12:42 PM
Issues
1