dotnet-core-expert
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface identified through the processing of untrusted user requirements.\n
- Ingestion points: User-provided requirements in
SKILL.mdinfluence the generated application code.\n - Boundary markers: Missing specific delimiters to separate user requirements from internal instructions.\n
- Capability inventory: Generating C# code, database migrations in
references/entity-framework.md, and deployment manifests inreferences/cloud-native.md.\n - Sanitization: Absence of input validation or content filtering for the requirements processing step.\n- [EXTERNAL_DOWNLOADS]: Fetches official development and runtime images from Microsoft's Container Registry (
mcr.microsoft.com) as documented in the Dockerfile withinreferences/cloud-native.md.
Audit Metadata