cap
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates event-driven message processing which introduces a surface for indirect prompt injection.
- Ingestion points: Message handlers marked with [CapSubscribe] in SKILL.md and references/patterns.md.
- Boundary markers: None identified in the provided code snippets or documentation to distinguish between event data and potentially malicious instructions.
- Capability inventory: Includes database modification via Entity Framework and recursive message publishing (Saga pattern) as detailed in references/patterns.md and references/api.md.
- Sanitization: No input validation or sanitization routines are demonstrated in the handler implementation examples.
- [EXTERNAL_DOWNLOADS]: The skill provides instructions and scripts to install external dependencies via the NuGet package manager.
- Evidence: 'dotnet add package' commands in SKILL.md and the 'Add-CapPackages' function in scripts/init-cap-project.ps1.
- Source: Downloads are from the official NuGet gallery and target the established DotNetCore.CAP project ecosystem, which is considered a safe and well-known service.
Audit Metadata