dotnet-nuget-packages

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [Remote Code Execution] (HIGH): The skill is vulnerable to indirect prompt injection because it incorporates untrusted user input (package names and versions) into execution commands. NuGet packages can contain MSBuild targets that execute arbitrary code upon restoration or build.
      * Ingestion points: <PackageName> and <Version> placeholders in SKILL.md.
      * Boundary markers: None.
      * Capability inventory: dotnet add package, dotnet restore.
      * Sanitization: None.
  • [Command Execution] (MEDIUM): The skill explicitly directs the agent to execute shell commands through the .NET CLI, allowing for project modification and potential system interaction.
  • [External Downloads] (MEDIUM): The skill encourages downloading and running code from the public NuGet gallery without package verification or whitelisting, which can lead to supply chain attacks.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 05:52 AM