dotnet-uno-mcp
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates the ingestion of external data via the Uno MCP server, establishing an Indirect Prompt Injection surface. This occurs because content fetched from external documentation could theoretically contain malicious instructions.
- Ingestion points: External data enters the agent context through the
mcp__uno__uno_platform_docs_searchandmcp__uno__uno_platform_docs_fetchtool outputs. - Boundary markers: The skill implements mandatory citation requirements (using Source URLs) to distinguish external documentation from the agent's internal knowledge base.
- Capability inventory: The skill provides development guidance and configuration support for Uno Platform projects but does not directly invoke high-risk system commands or file-write operations.
- Sanitization: The skill includes 'Safety Guidelines' requiring the agent to validate code suggestions, verify version alignment, and treat MCP-fetched content as advisory rather than authoritative.
Audit Metadata