copilot-sdk-dotnet
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill guides the installation of NuGet packages such as GitHub.Copilot.SDK and Microsoft.Agents.AI.GitHub.Copilot. It also demonstrates using npx to fetch and execute tools like @modelcontextprotocol/server-filesystem and @modelcontextprotocol/server-git, which is a standard approach for MCP integrations.
- [COMMAND_EXECUTION]: The SDK provides capabilities to execute shell commands and launch local processes for MCP servers. The documentation includes a detailed permission handling pattern to ensure the agent requests authorization for sensitive operations.
- [DATA_EXFILTRATION]: The skill supports file attachments and remote MCP server configurations. Potential data exposure risks are mitigated by a mandatory permission request system that allows developers to whitelist allowed paths and URLs.
- [PROMPT_INJECTION]: The skill allows the definition of custom system messages and agent personas. These are standard features for the intended SDK functionality and do not contain patterns aimed at bypassing agent safety guidelines.
Audit Metadata