dotnet-core-expert
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill functions as a static knowledge base providing C# code templates and architectural guidance for .NET applications without any executable scripts or hidden commands.
- [SAFE]: Cryptographic implementations in the authentication references use secure defaults, such as PBKDF2 with SHA256 and a high iteration count (100,000) for password hashing.
- [SAFE]: Docker configuration templates follow security best practices by implementing multi-stage builds and enforcing the use of a non-root user for the application runtime.
- [SAFE]: Credentials and secrets in the provided examples (such as appsettings.json and docker-compose.yml) use clearly labeled placeholders or local development defaults, and the instructions explicitly warn against storing secrets in code.
- [SAFE]: External references to base images and services utilize well-known and trusted sources, including Microsoft's container registry and official images for Redis and MS SQL Server.
Audit Metadata