csharp-style-guide

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to run various shell commands, including local scripts and standard development tools, which take user-provided file paths as arguments.
      • Evidence: SKILL.md directs the agent to execute python3 scripts/resolve_style_guides.py <changed-path>... and python3 scripts/validate_trigger_matrix_sync.py.
      • Evidence: references/quality-gate-command-matrix.md contains a matrix of commands for tools like dotnet, ruff, cargo, sqlfluff, and terraform to be run by the agent.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because its primary function is to ingest and process untrusted code and configuration files.
      • Ingestion points: Files matching patterns in references/trigger-matrix.md (e.g., .cs, .sh, .py, .js, .tf, .sql) are loaded into the agent's context.
      • Boundary markers: Absent. There are no instructions to use delimiters or ignore instructions embedded within the analyzed files.
      • Capability inventory: The skill has shell execution capabilities (dotnet, python3, etc.) which could be exploited if an attacker injects malicious instructions into the code being reviewed.
      • Sanitization: Absent. The skill does not mention any validation or escaping of the content of the files before they are processed by the LLM.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 28, 2026, 08:38 PM