graphify-dotnet
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches the graphify-dotnet global tool from the official NuGet registry and references the upstream project repository on GitHub.
- [COMMAND_EXECUTION]: Executes shell commands via the .NET CLI and the graphify tool to manage installation, configuration, and the repository analysis pipeline.
- [DATA_EXFILTRATION]: Processes and transmits codebase metadata to user-configured AI services, such as Azure OpenAI, Ollama, or GitHub Copilot, when semantic enrichment features are enabled.
- [PROMPT_INJECTION]: Ingests local source code during the analysis process, which constitutes an indirect prompt injection surface.
  - Ingestion points: Local file system source trees processed by the tool.
  - Boundary markers: None explicitly defined in the instruction set, as the tool functions as a structural parser.
  - Capability inventory: File system access for reading code and writing artifacts, and network access for communication with AI providers.
  - Sanitization: Relies on the internal parsing logic of the graphify-dotnet tool (such as Roslyn for .NET code) to process source content.