marketplace-publishing
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill provides instructions for installing a plugin from the GitHub repository 'Aaronontheweb/dotnet-skills'. While the repository owner is a recognized developer in the .NET community, the source is not on the pre-defined trusted list. This finding is categorized as LOW as it is the primary subject of the documented workflow.
- [PROMPT_INJECTION] (LOW): The skill describes a workflow involving the ingestion and validation of external data (Category 8). An agent following these instructions would process user-submitted markdown files and JSON configurations, which could contain malicious instructions. Evidence: 1. Ingestion points: SKILL.md and plugin.json files. 2. Boundary markers: Absent. 3. Capability inventory: Shell script execution, Git operations, and plugin management. 4. Sanitization: Relies on a local validation script without explicit LLM-specific sanitization.
Audit Metadata