create-controller
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to install the 'Swashbuckle.AspNetCore.SwaggerUI' package via the .NET CLI. This is a well-known and standard library used for providing Swagger/OpenAPI documentation in ASP.NET Core applications.
- [COMMAND_EXECUTION]: The skill utilizes 'dotnet build', 'dotnet add package', and 'dotnet run' commands. These are standard CLI operations required for the development, dependency management, and verification of an ASP.NET Core project.
- [PROMPT_INJECTION]: The skill's design involves processing user-supplied entity data to generate controller code, which represents a potential indirect injection surface.
- Ingestion points: Entity names and structures provided by the user in the context of creating a controller.
- Boundary markers: No explicit delimiters or instructions to ignore embedded content are used when interpolating entity data into the code generation process.
- Capability inventory: The skill has the ability to modify source code files (e.g., Program.cs, controllers), manage project dependencies, and execute the compiled binary via 'dotnet run'.
- Sanitization: No explicit validation or escaping of the user-provided entity metadata is performed before it is used in code generation.
Audit Metadata