dotnet-api-docs
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. Analysis of the skill body, metadata, and scripts revealed no malicious patterns or vulnerabilities.
- [PROMPT_INJECTION]: The instructions do not contain attempts to bypass safety filters, override system prompts, or extract internal configuration. Educational content regarding API documentation is consistent with the stated purpose.
- [DATA_EXFILTRATION]: No hardcoded credentials, API keys, or access to sensitive local file paths (e.g., SSH keys, environment files) were found. Network operations are restricted to localhost for standard OpenAPI spec retrieval.
- [REMOTE_CODE_EXECUTION]: Dependencies and tools (DocFX, XMLDoc2Markdown) are managed through standard .NET tool commands. There is no evidence of piping remote scripts into interpreters (e.g., curl|bash).
- [COMMAND_EXECUTION]: Shell commands provided for DocFX and .NET CLI are standard usage patterns for documentation generation and CI/CD validation, including link checking and metadata extraction.
- [SAFE]: The skill explicitly advises wrapping interactive API documentation UIs in environment checks to prevent exposure in production, demonstrating security-conscious instruction.
Audit Metadata