build-backend
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill invokes the
dotnetCLI to run a local script (.github/skills/build-backend/build-backend.cs). This operation is restricted to the repository's own code and is the intended primary purpose of the skill. - [INDIRECT_PROMPT_INJECTION] (SAFE): The skill processes output from the build process. 1. Ingestion points: Build error messages in stderr/stdout. 2. Boundary markers: Absent. 3. Capability inventory: Command execution (
dotnet). 4. Sanitization: The skill captures and reports errors but does not pass them to high-risk sinks. Since the data originates from local source code compilation, the risk of adversarial injection is negligible.
Audit Metadata