crap-score
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [Command Execution]: The skill utilizes the standard
dotnet testCLI command to generate code coverage data. This is a routine operation in .NET development environments and is necessary for the skill to perform its intended CRAP score calculations. The commands are structured to use well-known parameters for thecoverlet.collectorand Microsoft coverage extensions. - [Data Ingestion and Analysis]: The skill performs static analysis on .NET source files (
.cs) and parses Cobertura XML coverage reports. This is a standard pattern for code analysis tools. - Ingestion points: The agent reads local source code files and XML test results.
- Boundary markers: The skill does not explicitly define markers to isolate data from instructions, which is common in analytical skills.
- Capability inventory: The skill has the capability to read local files and execute shell commands through the
dotnetCLI. - Sanitization: The instructions focus on parsing specific XML attributes and counting code constructs, which naturally limits the risk of interpreting data as commands.
Audit Metadata