Skills
skills/windmill-labs/windmill-cli-docs/write-script-csharp/Gen Agent Trust Hub

write-script-csharp

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands using the wmill CLI (e.g., wmill script preview, wmill sync push) to manage development tasks.
  • [EXTERNAL_DOWNLOADS]: Scripts can fetch external dependencies from the NuGet registry using the #r directive.
  • [PROMPT_INJECTION]: The skill defines a workflow for indirect prompt injection where untrusted script parameters are interpolated into shell commands. * Ingestion point: Script parameters in SKILL.md. * Boundary markers: Absent. * Capability inventory: wmill CLI subprocess calls in SKILL.md. * Sanitization: Absent. Evidence: Instructions to execute wmill script preview with arguments picked from the script.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 22, 2026, 08:37 AM
Security Audit — agent-trust-hub — write-script-csharp