winapp-cli

Fail

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: HIGH
Flags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (LOW): Skill references Microsoft-owned repositories and NPM packages (@microsoft/winappcli). These are from a trusted organization per [TRUST-SCOPE-RULE], though the skill behavior remains subject to analysis.
  • [COMMAND_EXECUTION] (HIGH): The skill directs the agent to execute the winapp CLI for sensitive operations. Specifically, winapp cert install modifies the local machine certificate store, which typically requires administrative privileges and affects system-wide trust.
  • [PROMPT_INJECTION] (HIGH): High risk of Indirect Prompt Injection (Category 8) due to the processing of untrusted project data.
    • Ingestion points: Project directories and AppxManifest.xml files provided by users.
    • Boundary markers: Absent; there are no instructions to isolate or ignore instructions embedded in the project files.
    • Capability inventory: Includes file system modification, package signing, and certificate installation.
    • Sanitization: None; the skill assumes the integrity of the project files it processes.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 15, 2026, 10:27 PM