package-management
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill promotes the use of the official
dotnetCLI for all package management tasks, ensuring that dependencies are validated and resolved correctly by the platform's native tools. - [CREDENTIALS_UNSAFE]: Demonstrates best practices for authentication by using environment variable placeholders (
$PAT,%NUGET_PAT%) instead of hardcoding sensitive credentials in configuration files. - [EXTERNAL_DOWNLOADS]: Recommends the use of
dotnet-outdated-tool, a widely recognized and reputable community utility for tracking package updates. Example packages such as Serilog, xunit, and Akka are well-known, trusted libraries in the .NET ecosystem. - [SAFE]: Explicitly includes security-focused commands such as
dotnet list package --vulnerableanddotnet list package --deprecatedto help users identify and mitigate risks in their dependencies.
Audit Metadata