dotnet-aot-compat
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [Command Execution]: The skill utilizes standard .NET development tools, including
dotnet buildandgrep, to identify and filter IL-related warnings. These commands are executed within the context of the project's build environment to guide the compatibility resolution process. This is a standard practice for development-focused skills. - [Indirect Prompt Injection Surface]: The skill involves reading and processing source code files and compiler output, which represents a potential surface for indirect prompt injection if the files originate from untrusted sources.
- Ingestion points: The agent reads .cs and .csproj files, as well as the text output from the
dotnet buildcommand. - Boundary markers: No specific delimiters or markers are defined to separate untrusted file content from the agent's instructions.
- Capability inventory: The skill possesses the capability to modify local files and execute shell commands through the development environment.
- Sanitization: The skill relies on standard agent processing without additional validation of the source code content.
- Context: This risk is inherent to any skill that automates code refactoring or remediation. Users should ensure they are working with projects from trusted sources when using these capabilities.
Audit Metadata