opening-in-rider
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill's core functionality involves executing the JetBrains Rider CLI. This is performed via scripts that search the system PATH for valid Rider executables (rider, rider.bat, or rider64.exe). The execution is handled safely:\n
- In scripts/open-in-rider.sh, the command is launched in the background using nohup (if available) with arguments properly quoted to prevent shell injection.\n
- In scripts/open-in-rider.ps1, the Start-Process cmdlet is used with the -ArgumentList parameter, which is the secure method for passing arguments in PowerShell without risk of command string manipulation.\n- [PROMPT_INJECTION]: As the skill accepts a file path and a line number as input, it possesses an attack surface for indirect prompt injection. However, the risk is mitigated by robust sanitization and validation logic:\n
- Ingestion points: The script accepts a target path (defaulting to '.') and an optional line number (--line) from the agent context.\n
- Boundary markers: None explicitly defined in the agent instructions, though the skill logic treats inputs as literal paths.\n
- Capability inventory: The script can resolve paths, search parent directories for project files, and execute the rider command.\n
- Sanitization: The scripts verify that the target path exists on the file system before proceeding. The line number is validated against a regular expression (^[1-9][0-9]*$) to ensure it is a positive integer. All variables used in command execution are properly quoted.
Audit Metadata