Skills
skills/managedcode/dotnet-skills/csharp-scripts/Gen Agent Trust Hub

csharp-scripts

Warn

Audited by Gen Agent Trust Hub on Apr 11, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes the dotnet CLI to build and run scripts, mkdir for creating temporary workspaces, and chmod for setting file execution permissions.
  • [REMOTE_CODE_EXECUTION]: Facilitates the compilation and execution of arbitrary C# code provided by the user or generated by the agent, which is a significant risk if the code originates from an untrusted source.
  • [EXTERNAL_DOWNLOADS]: Supports fetching third-party dependencies from NuGet using the #:package directive or dotnet add package command without integrity checks or source verification.
  • [PROMPT_INJECTION]: Contains a surface for indirect prompt injection as it processes and executes code based on untrusted user intent.
  • Ingestion points: C# code blocks and intent descriptions provided by users in the prompt context.
  • Boundary markers: Absent; there are no clear delimiters or instructions to prevent the agent from obeying embedded malicious commands.
  • Capability inventory: The skill can execute local files, modify file system permissions, and perform network operations for package management.
  • Sanitization: Absent; the skill does not perform any validation, sanitization, or safety scanning of the provided C# code before execution.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 11, 2026, 12:41 PM