code-testing-agent

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted source code as the primary input for its analysis phases.
  • Ingestion points: The agent reads the user's source code files, configuration files (e.g., .csproj), and project structure to research and plan test generation (SKILL.md, unit-test-generation.prompt.md).
  • Boundary markers: Not present; the instructions do not include specific delimiters or directives to ignore instructions that might be embedded in the analyzed codebase.
  • Capability inventory: The skill can execute shell commands like dotnet build and dotnet test and perform file system operations (SKILL.md, extensions/dotnet.md).
  • Sanitization: No sanitization or validation of the ingested code content is performed before it is used to influence the agent's logic.
  • [COMMAND_EXECUTION]: The skill uses shell commands to interact with the build and test system. It invokes dotnet build, dotnet test, and dotnet format (extensions/dotnet.md). It also automatically modifies project configuration files (.csproj) to add project references for dependencies it identifies.
  • [REMOTE_CODE_EXECUTION]: The skill performs dynamic code execution by compiling and running generated unit tests. Running dotnet build and dotnet test on an untrusted project carries the risk that malicious code in the project files (e.g., custom MSBuild tasks) or the generated tests could be executed locally.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 22, 2026, 02:18 AM