dotnet-test
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The skill instructs the agent to execute `dotnet build` and `dotnet test` commands. These utilities execute arbitrary code contained within target .NET projects. An attacker providing a malicious project path or crafted filter strings could achieve unintended code execution within the agent's environment.
- [Indirect Prompt Injection] (HIGH):
  - Ingestion points: User-controlled strings for project paths and filter expressions (`FullyQualifiedName`, `DisplayName`) are interpolated into shell commands across `SKILL.md` and reference files.
  - Boundary markers: Absent. The skill does not implement delimiters or safety instructions to prevent the agent from interpreting instructions embedded within user-provided data.
  - Capability inventory: Full subprocess execution for `dotnet` CLI (build, test, and dump analysis) and shell utilities like `grep` as seen in `SKILL.md`.
  - Sanitization: Absent. There is no evidence of input validation, escaping, or path normalization for the user-provided values before they are passed to the shell.
Recommendations
- AI detected serious security threats
Audit Metadata