application-inspector
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): The skill references the official Microsoft Application Inspector repository and distribution channels. Specifically, it suggests installing the
Microsoft.CST.ApplicationInspector.CLItool via dotnet and pulling frommcr.microsoft.com. These are verified official Microsoft sources and are downgraded from potential risks to SAFE per the trusted source guidelines. - [COMMAND_EXECUTION] (SAFE): The command-line examples use standard parameters for the tool's intended purpose (code analysis). There are no instances of privilege escalation, such as
sudo, or dangerous shell piping likecurl | bash. - [DATA_EXFILTRATION] (SAFE): The skill focuses on local analysis of source code. No hardcoded credentials, API keys, or instructions for sending sensitive data to unauthorized third-party servers were detected.
- [PROMPT_INJECTION] (SAFE): The markdown content consists of descriptive documentation and command examples. No phrases intended to override the agent's system prompt or bypass safety filters were found.
Audit Metadata