Skills
skills/sharex/xerahs/build-windows-exe/Gen Agent Trust Hub

build-windows-exe

Pass

Audited by Gen Agent Trust Hub on Apr 11, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes powerful PowerShell commands to manage the build environment, including Stop-Process to terminate existing instances of the application and Roslyn compiler servers (VBCSCompiler), and Remove-Item to delete build directories. These operations are standard for a build automation specialist to ensure a clean compilation state.\n- [DATA_EXPOSURE]: The skill reads local project files such as plugin.json and Directory.Build.props to extract versioning and plugin identity metadata. This information is used to define output paths and installer names.\n- [INDIRECT_PROMPT_INJECTION]: \n
  • Ingestion points: Reads the pluginId value from plugin.json files within the src/desktop/plugins directory (SKILL.md).\n
  • Boundary markers: None; values are read directly into PowerShell variables without delimiters or validation warnings.\n
  • Capability inventory: The skill performs file system creation (New-Item) and executes dotnet publish with dynamic paths (SKILL.md).\n
  • Sanitization: There is no sanitization or path validation performed on the pluginId before it is used to construct the directory structure for published plugins, which represents a theoretical surface for path manipulation.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 11, 2026, 12:00 PM
Security Audit — agent-trust-hub — build-windows-exe