dotnet-msix
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses standard .NET CLI and Windows SDK commands (such as
dotnet publish,signtool.exe, andMakeAppx.exe) to build, sign, and bundle MSIX packages. - [SAFE]: No signs of prompt injection, data exfiltration, or obfuscation were detected. Technical instructions are focused on the stated purpose of MSIX packaging.
- [SAFE]: Sensitive assets such as signing certificates and passwords are handled through environment variables and CI/CD secrets (e.g., GitHub Secrets), demonstrating appropriate security posture for development workflows.
- [SAFE]: All external references, including GitHub Actions and Azure DevOps tasks, target well-known and trusted services for build automation.
Audit Metadata