dotnet-messaging-patterns

[Skill Scanner] Skill instructions include directives to hide actions from user This document is a benign instructional skill describing messaging patterns and sample code for .NET with Azure Service Bus, RabbitMQ, and MassTransit. It does not contain malicious code or obvious supply-chain attack patterns. The main security considerations are operational: ensure connection strings/credentials are stored securely (not hardcoded), do not use demo credentials in production, and configure DLQ/monitoring and idempotency correctly. No evidence of obfuscation or data exfiltration was found. LLM verification: The content is documentation and example code for messaging patterns — functional and aligned with stated goals. I found no indicators of deliberate malware or obfuscated malicious behavior. The main security concerns are operational: handling of credentials (risk if developers copy examples into production), potential log leakage of message contents, and the static scanner finding about a 'hide actions' directive which must be located and removed if present. Overall: not malicious, moderate sec