dotnet-msix
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides standard XML configurations for .NET project files (.csproj) and Windows Application Packaging projects (.wapproj), following official Microsoft documentation for the Windows App SDK.
- [SAFE]: Code signing procedures use legitimate Windows SDK utilities such as
signtool.exeandMakeAppx.exe. The use of PowerShell cmdlets likeNew-SelfSignedCertificateis restricted to local development and testing scenarios. - [SAFE]: CI/CD pipeline examples for GitHub Actions and Azure DevOps implement security best practices. Specifically, they utilize platform-native secret management (GitHub Secrets and Azure Secure Files) to handle sensitive PFX certificates and passwords, avoiding hardcoded credentials.
- [SAFE]: The implementation of Base64 decoding in the GitHub Action is a standard technique for restoring binary certificate files from environment variables and does not constitute malicious obfuscation.
- [SAFE]: All external references target well-known and trusted services, such as the Microsoft Partner Center and the DigiCert timestamping service.
Audit Metadata