dotnet-build-analysis
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE | EXTERNAL_DOWNLOADS | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides commands to download and execute the Azure Artifacts Credential Provider directly from Microsoft's official 'aka.ms' domain.
  - Evidence: Commands include 'iex "& { $(irm https://aka.ms/install-artifacts-credprovider.ps1) }"' for Windows and 'sh -c "$(curl -fsSL https://aka.ms/install-artifacts-credprovider.sh)"' for macOS/Linux.
- [COMMAND_EXECUTION]: Provides templates for common development and build system commands.
  - Evidence: Includes usage of 'dotnet nuget', 'dotnet workload', 'ls', and 'docker run' to diagnose environment and configuration issues.
- [PROMPT_INJECTION]: The skill guides an agent to parse and act upon build output (logs). Because build logs can include content derived from source code or external project files, they represent a surface for indirect prompt injection.
  - Ingestion points: MSBuild output strings, error messages (CS, MSB, NU, IDE, CA), and file paths from 'SKILL.md'.
  - Boundary markers: None specified for separating log data from agent instructions.
  - Capability inventory: The agent is encouraged to execute 'dotnet' CLI commands and modify source code/configuration based on log interpretation.
  - Sanitization: No explicit sanitization or validation of the build log content is mentioned.
Audit Metadata