aspnet-api-standards
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- Prompt Injection (SAFE): No malicious prompt injection patterns were detected. The 'CRITICAL DIRECTIVE' and other instructions are legitimate constraints intended to focus the agent's behavior and minimize unnecessary features.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials or sensitive data exposure patterns were found. The skill explicitly recommends storing secrets in environment variables or secure vaults and provides placeholders for configuration.
- Obfuscation (SAFE): No encoded or hidden content, such as Base64, zero-width characters, or homoglyphs, was found in any of the files.
- External Downloads & RCE (SAFE): The skill does not perform any external downloads or remote code execution. It provides code templates using standard, trusted .NET libraries like MediatR and FluentValidation.
- Privilege Escalation (SAFE): No commands or patterns for acquiring unauthorized privileges were found. The security references promote proper authentication and authorization implementation.
- Indirect Prompt Injection (SAFE): The skill provides static code templates for a developer to implement and does not involve ingesting untrusted external data into the agent's context for runtime execution.
- Persistence Mechanisms (SAFE): No attempts to establish persistence (e.g., cron jobs, shell profiles) were detected.
- Dynamic Execution (SAFE): The skill provides static C# code snippets for implementation and does not involve any runtime code generation or unsafe deserialization of untrusted data.
Audit Metadata