dotnet-container-deployment
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides educational templates for Kubernetes manifests and Docker Compose files. It includes a section on 'Secrets for Sensitive Configuration' that uses placeholder credentials for demonstration purposes and explicitly warns users to use external secrets operators in production environments.
- [SAFE]: The CI/CD examples utilize well-known and trusted GitHub Actions from official sources (e.g., actions/checkout, actions/setup-dotnet, and official Docker actions). References to container registries like ghcr.io are standard and safe.
- [SAFE]: The skill enforces security-hardened configurations by default, such as setting 'runAsNonRoot: true' and 'runAsUser' in Kubernetes security contexts, which mitigates privilege escalation risks.
- [SAFE]: Instructions for Kubernetes probes and graceful shutdowns follow official Microsoft and Kubernetes documentation best practices to ensure application stability without introducing security vulnerabilities.
Audit Metadata