dotnet-framework-48-expert
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The provided skill consists entirely of markdown text and metadata designed to guide the AI agent's behavior. It does not include any scripts (Python, Node.js, Shell), executables, or configuration files that would perform operations on the host system.
- [SAFE]: No malicious patterns such as obfuscation, credential theft, or unauthorized access were detected within the instructions.
- [PROMPT_INJECTION]: The skill contains a mechanism for ingesting external data through a context manager query (
get_dotnet_framework_context). While this presents a surface for indirect prompt injection, it is assessed as safe because: - Ingestion points: Data enters through the
payload.queryfield in the context request defined inSKILL.md. - Boundary markers: No explicit delimiters or sanitization instructions are provided for the returned context data.
- Capability inventory: The skill lacks any capability to execute commands, write files, or perform network requests, limiting the potential impact of any injected instructions.
- Sanitization: No input validation or output encoding for the ingested context is specified in the prompt logic.
Audit Metadata