dotnet-cryptography
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides secure cryptographic implementation examples for .NET, following industry best practices such as using AES-GCM for authenticated encryption.
- [SAFE]: Code snippets correctly use constant-time comparisons via
CryptographicOperations.FixedTimeEqualsto mitigate timing side-channel attacks. - [SAFE]: Key derivation examples for PBKDF2 use appropriate salt sizes and iteration counts (600,000) aligned with current OWASP recommendations.
- [SAFE]: The skill includes explicit warnings against deprecated and insecure algorithms like MD5, SHA-1, and RSA with PKCS#1 v1.5 padding.
- [SAFE]: Post-quantum cryptography implementations are correctly implemented with platform support checks and gated by target framework versioning.
- [SAFE]: External dependencies are limited to the well-known Argon2 implementation for .NET.
Audit Metadata