dotnet-source-gen-options-validation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill processes user-controlled source files, creating an attack surface where malicious content in those files could attempt to influence the agent's behavior.
  - Ingestion points: Reads C# files matching `*Options.cs` or `*Settings.cs` using the `Read` tool.
  - Boundary markers: Absent; there are no explicit delimiters or instructions to disregard embedded commands in the source data.
  - Capability inventory: The skill has access to `Bash(dotnet:*)`, `Read`, `Glob`, and `Grep`.
  - Sanitization: Absent; class and namespace information is extracted directly from source files and interpolated into new code blocks.
- Dynamic Execution (LOW): The skill performs dynamic code generation and triggers runtime compilation.
  - Evidence: It generates new partial C# validator classes and executes `dotnet build`. While runtime compilation of generated source is typically a MEDIUM risk finding, it is downgraded to LOW here because it is the primary intended function of the skill.
Audit Metadata