verify-dotnet-samples

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • Command Execution: The skill instructions involve running the dotnet run command. This is used to execute the sample applications locally to verify their functionality, which is the primary purpose of this skill.
  • Environment Variable Access: The skill identifies and checks for environment variables like AZURE_OPENAI_ENDPOINT for sample configuration. This is a common and necessary practice for providing the credentials and endpoints required by the .NET samples.
  • Indirect Prompt Injection Surface: The skill processes external data by reading sample code and monitoring its execution output, which represents a surface for indirect instructions.
      1. Ingestion points: The agent reads the source code of samples in the dotnet/samples/ directory.
      2. Boundary markers: No specific delimiters or "ignore" instructions are used when processing the code or its output.
      3. Capability inventory: The skill has the capability to execute commands via dotnet run and display the resulting output.
      4. Sanitization: There is no explicit sanitization of the sample output before it is processed by the agent. This is a standard consideration for skills that evaluate and run source code.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 06:38 PM