dotnet-best-practices

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes user-supplied .NET/C# code, which serves as an ingestion point for untrusted data. This makes it vulnerable to indirect prompt injection if the processed code contains malicious instructions.
      • Ingestion points: Processes source code and project structures provided in the conversation context (SKILL.md).
      • Boundary markers: The skill does not define specific delimiters or instructions for the agent to ignore instructions embedded within the code it reviews.
      • Capability inventory: None. The skill does not include or call any scripts that perform file system writes, network operations, or subprocess execution.
      • Sanitization: There is no evidence of sanitization or filtering applied to the input data before processing.
  • [SAFE]: The skill references an official GitHub repository as its source and mentions local management scripts for export and validation. These are documented for attribution and maintenance purposes.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 14, 2026, 04:53 PM
Security Audit — agent-trust-hub — dotnet-best-practices