host-module-configuration
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it reads and processes project files to determine the current host configuration.
  - Ingestion points: Reads host module files, .csproj files, and appsettings.json using tools like Read, Grep, and Glob.
  - Boundary markers: No specific delimiters or instructions to ignore embedded commands are defined for the content read from these files.
  - Capability inventory: The skill can modify project files via Write and Edit and execute commands such as dotnet build using bash_tool.
  - Sanitization: There is no explicit sanitization of the content read from project files before it is used in code generation.
- [COMMAND_EXECUTION]: The skill uses bash_tool to execute dotnet build on the host project. This is a standard and safe operation used to verify the generated configuration changes within the developer's local environment.