dotnet-core-expert
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill explicitly instructs against storing secrets in code or configuration files, directing users toward environment variables or secret managers, which is a primary defense against credential exposure.
- [SAFE]: The authentication reference implements secure password hashing using PBKDF2 with a high iteration count (100,000) and SHA256, alongside industry-standard JWT validation logic.
- [SAFE]: The Dockerfile and cloud-native patterns prioritize security by using multi-stage builds and enforcing a non-root user (appuser) for the runtime environment.
- [SAFE]: All identified dependencies (MediatR, FluentValidation, EF Core, etc.) are standard, well-known libraries in the .NET ecosystem, and no suspicious remote code execution patterns were found.
Audit Metadata