http-client-resilience
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill correctly demonstrates retrieving sensitive credentials, such as API keys, from secure configuration providers (
IConfiguration) rather than hardcoding them in the source code. - [SAFE]: Implementation patterns follow official security guidelines for HTTP communication, including the use of
IHttpClientFactoryto prevent socket exhaustion and DNS resolution issues. - [SAFE]: Resilience policies (retries, circuit breakers, and timeouts) are implemented using standard, well-vetted libraries (Polly) with appropriate thresholds to maintain application stability.
- [SAFE]: Error handling and logging patterns provide necessary diagnostic information without leaking sensitive internal state or user data.
Audit Metadata