winapp-package
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
Full Analysis
- Standard Development Tooling: The skill utilizes the winapp CLI and official Microsoft GitHub Actions to manage the application lifecycle, including packaging and signing.
- Administrative Access: Certain commands, such as winapp cert install or using the --install-cert flag, require administrative privileges. This is a standard requirement for modifying the machine's certificate store during development and testing.
- Tool Acquisition: The skill mentions that build tools like makeappx are downloaded if not present. This is a common behavior for development environments to ensure the correct SDK components are available.
- Credential Handling: While a default password is provided for development certificates in documentation examples, the instructions explicitly recommend using repository secrets for CI/CD pipelines to ensure security.
Audit Metadata