ln-722-backend-generator
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes `dotnet build` during the verification phase to ensure the generated solution compiles correctly. This is standard behavior for a development tool.
- [EXTERNAL_DOWNLOADS]: The skill references NuGet packages from `nuget.org`. As this is the official .NET package registry, it is considered a well-known and trusted service.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it processes untrusted entity names and project configurations. These inputs are used to generate file names and source code content. Although the skill documentation includes a risk mitigation step to validate entity names, there is a potential for malicious strings to be embedded in the generated output if sanitization is bypassed. Documentation of evidence chain: (1) Ingestion: `projectName`, `entities`, and `targetPath` in SKILL.md. (2) Boundaries: None specified in prompt instructions. (3) Capabilities: File writing and `dotnet build` execution. (4) Sanitization: Mentioned as a risk mitigation step but not explicitly implemented in the provided patterns.
Audit Metadata