dotnet-api-security
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements robust security configurations for ASP.NET Core Identity, including strong password requirements, account lockout policies, and phishing-resistant passkey (WebAuthn) support.
- [SAFE]: Authentication patterns for JWT and OpenID Connect follow best practices, using configuration providers for sensitive values rather than hardcoding credentials.
- [SAFE]: CORS and Content Security Policy (CSP) sections emphasize the principle of least privilege, explicitly warning against insecure configurations like AllowAnyOrigin() in production environments.
- [SAFE]: The inclusion of built-in rate limiting middleware (fixed window, sliding window, token bucket, and concurrency) provides a solid defense against brute-force and Denial-of-Service (DoS) attacks.
- [SAFE]: The 'Agent Gotchas' section serves as a proactive security checklist, addressing critical integration risks such as middleware order and the proper handling of external identity provider claims.
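The controls credited to the skill above, shown together in one minimal-API Program.cs as an added example (this is not code from the audited skill or from Gen Agent Trust Hub). The configuration keys (Jwt:Authority, Jwt:Audience, Jwt:Issuer, Cors:AllowedOrigins), the policy names, the routes and the numeric limits are assumptions chosen for illustration; the Identity user store registration is assumed to be done elsewhere and is omitted. It targets ASP.NET Core 8 with the Microsoft.AspNetCore.Authentication.JwtBearer package.

```csharp
// Program.cs: added example, not the audited skill's own code.
// Assumes ASP.NET Core 8 and the Microsoft.AspNetCore.Authentication.JwtBearer package.
using System.Security.Claims;
using System.Threading.RateLimiting;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.RateLimiting;
using Microsoft.IdentityModel.Tokens;

var builder = WebApplication.CreateBuilder(args);

// Identity: strong password policy plus lockout. These options bind to whichever Identity
// store the app registers elsewhere (assumed, e.g. AddIdentityCore<...>().AddEntityFrameworkStores<...>()).
builder.Services.Configure<IdentityOptions>(o =>
{
    o.Password.RequiredLength = 12;
    o.Password.RequireUppercase = true;
    o.Password.RequireLowercase = true;
    o.Password.RequireDigit = true;
    o.Password.RequireNonAlphanumeric = true;
    o.Password.RequiredUniqueChars = 4;
    o.Lockout.AllowedForNewUsers = true;
    o.Lockout.MaxFailedAccessAttempts = 5;
    o.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(15);
    o.SignIn.RequireConfirmedEmail = true;
});

// JWT bearer: authority, audience and issuer come from the configuration providers
// (appsettings, environment, user-secrets, a vault), never from string literals in source.
var jwt = builder.Configuration.GetSection("Jwt"); // section name is an assumption
builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
    .AddJwtBearer(o =>
    {
        o.Authority = jwt["Authority"];
        o.Audience = jwt["Audience"];
        o.RequireHttpsMetadata = true;
        o.TokenValidationParameters = new TokenValidationParameters
        {
            ValidateIssuer = true,
            ValidIssuer = jwt["Issuer"],
            ValidateAudience = true,
            ValidateLifetime = true,
            ClockSkew = TimeSpan.FromSeconds(30), // the default of 5 minutes is generous
        };
    });
builder.Services.AddAuthorization();

// CORS: an explicit origin allow-list read from configuration, instead of AllowAnyOrigin().
var origins = builder.Configuration.GetSection("Cors:AllowedOrigins").Get<string[]>() ?? Array.Empty<string>();
builder.Services.AddCors(o => o.AddPolicy("Spa", p => p
    .WithOrigins(origins)
    .WithMethods("GET", "POST")
    .WithHeaders("Authorization", "Content-Type")));

// Rate limiting: the four built-in algorithms, each registered as a named policy.
builder.Services.AddRateLimiter(o =>
{
    o.RejectionStatusCode = StatusCodes.Status429TooManyRequests;
    // Fixed window: 5 attempts per minute, no queueing; intended for the credential endpoint.
    o.AddFixedWindowLimiter("login", w => { w.PermitLimit = 5; w.Window = TimeSpan.FromMinutes(1); w.QueueLimit = 0; });
    // Sliding window: 100 requests per minute measured over six 10-second segments.
    o.AddSlidingWindowLimiter("api", w => { w.PermitLimit = 100; w.Window = TimeSpan.FromMinutes(1); w.SegmentsPerWindow = 6; w.QueueLimit = 0; });
    // Token bucket: bursts of up to 20, refilled 5 tokens every 10 seconds.
    o.AddTokenBucketLimiter("search", t => { t.TokenLimit = 20; t.TokensPerPeriod = 5; t.ReplenishmentPeriod = TimeSpan.FromSeconds(10); t.QueueLimit = 0; });
    // Concurrency: at most 4 in flight, 2 queued, for expensive operations.
    o.AddConcurrencyLimiter("export", c => { c.PermitLimit = 4; c.QueueLimit = 2; c.QueueProcessingOrder = QueueProcessingOrder.OldestFirst; });
});

var app = builder.Build();

// Middleware order matters: CORS and throttling run before token validation, and all of them
// run before authorization, so protected endpoints are never reached without these checks.
app.UseHttpsRedirection();
app.Use(async (ctx, next) =>
{
    // A JSON API serves no scripts or frames, so its CSP can be maximally restrictive.
    ctx.Response.Headers["Content-Security-Policy"] = "default-src 'none'; frame-ancestors 'none'";
    ctx.Response.Headers["X-Content-Type-Options"] = "nosniff";
    await next();
});
app.UseCors("Spa");
app.UseRateLimiter();
app.UseAuthentication();
app.UseAuthorization();

app.MapGet("/me", (ClaimsPrincipal user) =>
{
    // Claims minted by an external identity provider are input, not truth: only surface
    // `email` when the provider also asserts email_verified.
    var emailVerified = string.Equals(user.FindFirst("email_verified")?.Value, "true", StringComparison.OrdinalIgnoreCase);
    return Results.Ok(new
    {
        subject = user.FindFirst("sub")?.Value ?? user.FindFirst(ClaimTypes.NameIdentifier)?.Value,
        email = emailVerified ? user.FindFirst("email")?.Value : null,
    });
}).RequireAuthorization().RequireRateLimiting("api").RequireCors("Spa");

app.Run();
```

Run it with `dotnet run` after putting the Jwt and Cors sections in appsettings.json or environment variables (Jwt__Authority and so on); a request to /me without a valid bearer token gets 401, the 101st request within a minute gets 429, and a browser on an origin outside Cors:AllowedOrigins is refused at the preflight. The "login" fixed-window policy is left for the credential endpoint that the omitted Identity registration would add.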