dotnet-api-security

The skill describes coherent, well-scoped API security patterns for ASP.NET Core, aligning with its stated purpose. There are no external download/install patterns or unusual data sinks that would raise security red flags. The footprint is proportionate to its claim of implementing API authentication/authorization, OIDC/JWT, and related security controls. Recommended to enforce secret management best practices (not checking in secrets, using User Secrets/Environment Variables) and to audit configuration sources to minimize exposure. Overall risk is low to moderate with proper implementation and governance.