ClawHub

Csharp Dotnetcore Natasha

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only C# dynamic-compilation skill, but it under-warns users about examples that run arbitrary code and bypass private access controls.

Install only if you intentionally need guidance for Natasha runtime C# compilation. Do not copy the plugin, script-engine, file-loaded logic, or private-member examples for untrusted code, user uploads, shared writable directories, third-party objects, secrets, or multi-tenant production paths unless execution is isolated in a separate low-privilege process or container and code provenance is controlled.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (8)

Context-Inappropriate Capability

Medium
Confidence
91% confidence
Finding
The documented `ScriptEngine.Execute(string script)` pattern compiles and immediately invokes attacker-controlled C# code with no sandboxing, policy checks, or trust boundary controls. In the context of a skill explicitly about dynamic compilation and private-member access, this normalizes a ready-to-copy remote code execution primitive that could be embedded into applications handling untrusted input.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The document explicitly instructs users to disable C# accessibility checks with `IgnoreAccessibility` and use `ToAccessPrivateTree` to access private/internal members. Even though this appears educational and performance/testing-oriented, it normalizes and operationalizes encapsulation bypass, which can expose secrets, violate library security boundaries, and enable unauthorized state manipulation when used in production or on untrusted targets.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
This section explicitly teaches how to bypass normal encapsulation and access private members via dynamic compilation, including use of IgnoreAccessibility and private-access rewriting, but provides no warning, restrictions, or safe-use guidance. In a runtime code-generation skill, this materially increases the risk of abuse for data exfiltration, security-boundary erosion inside the application, and misuse against secrets or internal state.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The documentation explicitly presents loading and executing user-provided code at runtime with no warning about trust boundaries, code execution risk, or isolation requirements. In a skill centered on dynamic C# compilation, this is especially dangerous because users are likely to copy the pattern directly, turning untrusted input into arbitrary code execution within the application process.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The section normalizes accessing private members for performance optimization without warning that this bypasses encapsulation and can expose secrets or internal state that was intentionally hidden. In the Natasha context, the example even uses compiler options to ignore accessibility, which can materially increase the chance of sensitive-data access or integrity violations if reused in production code.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
This pattern describes reading logic from files and dynamically compiling/executing it, but provides no warning that file contents are executable code and therefore a direct arbitrary-code-execution boundary. Because the source is the filesystem, attackers may be able to influence plugin directories through upload paths, shared storage, supply-chain compromise, or local footholds, making this especially dangerous in a runtime-compilation skill.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
This documentation explicitly instructs users how to disable normal C# access checks via IgnoreAccessibility and combine it with WithAllMetadata and ToAccessPrivateTree to access private members, and elsewhere also demonstrates AllowUnsafeBlocks. In a skill whose purpose is runtime code generation and private-member access, these examples materially lower barriers to integrity violations, privilege-boundary bypass inside the process, and memory-unsafe behavior if the generated code is applied to untrusted input or sensitive application objects.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The document provides a concrete example for compiling code that bypasses C# accessibility protections via IgnoreAccessibility and ToAccessPrivateTree, but it does not warn that this defeats encapsulation and can expose secrets or internal state. In a skill specifically about dynamic runtime C# generation, this guidance materially increases the chance that consumers will adopt unsafe reflection-like access patterns in production code.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal