dotnet-mcp
Pass
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
- [SAFE]: The skill provides technical documentation and reference implementations for the official .NET MCP SDK. No malicious patterns or security risks were identified.
- [PROMPT_INJECTION]: The skill documents how to handle external data through the MCP protocol, which introduces an attack surface for indirect prompt injection.
  - Ingestion points: Technical handlers for tools, resources, and prompts defined in `references/patterns.md` receive parameters from external MCP participants.
  - Boundary markers: The documentation in `references/security.md` recommends specific error handling using `McpException` to avoid leaking internal system details.
  - Capability inventory: Patterns in `references/patterns.md` include file system access (`File.ReadAllText`) and child process execution (`StdioClientTransport`).
  - Sanitization: The skill demonstrates robust sanitization techniques in `references/security.md`, including path normalization and root-path verification to prevent traversal attacks.
- [COMMAND_EXECUTION]: Examples in `SKILL.md` and `references/patterns.md` illustrate the use of `StdioClientTransport` to execute local commands (e.g., `npx`). These are documented as standard protocol behavior for local tool integration and are accompanied by security advice on process privileges.
- [DATA_EXFILTRATION]: Code snippets in `references/patterns.md` demonstrate file reading and network requests. These operations are presented within a security-conscious framework that mandates authorization checks and path validation.
Audit Metadata