dotnet-codeql
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions and workflow templates to download and use official GitHub Actions (such as github/codeql-action/init, github/codeql-action/analyze, actions/checkout, and actions/setup-dotnet) and the CodeQL CLI. These resources are hosted by well-known technology companies and trusted organizations.
- [COMMAND_EXECUTION]: The skill uses standard command-line tools like ripgrep (rg), command, and dotnet build to detect the current project state and verify tool installation. This execution is scoped to the skill's primary purpose of security analysis and CI/CD configuration.
- [PROMPT_INJECTION]: The skill demonstrates a surface for indirect prompt injection. \n
- Ingestion points: The skill reads repository-controlled files including AGENTS.md and existing GitHub workflow files (.github/workflows/*.yml) during the bootstrap and planning phases. \n
- Boundary markers: The skill does not define explicit delimiters or instructions for the agent to ignore embedded commands within these processed files. \n
- Capability inventory: The skill has the capability to write new workflow files to the local file system and execute shell commands (dotnet, codeql). \n
- Sanitization: There is no evidence of input validation or escaping for the content ingested from the repository files before it is processed by the agent.
Audit Metadata