minimal-api-file-upload
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a best-practice guide for developers and does not contain any malicious instructions or exploitable vulnerabilities in its own logic.
- [SAFE]: Explicitly prevents path traversal attacks by recommending the use of system-generated GUIDs and path sanitization instead of trusting client-provided filenames.
- [SAFE]: Promotes secure file validation by instructing developers to check magic bytes (file signatures) to verify file types, which prevents bypasses using spoofed extensions or Content-Type headers.
- [SAFE]: Addresses Denial of Service (DoS) risks by guiding the configuration of Kestrel and FormOptions request limits to prevent memory and storage exhaustion.
- [SAFE]: Encourages proper Cross-Site Request Forgery (CSRF) protection by documenting the use of .NET 8 Antiforgery middleware and warning against disabling it for cookie-based authentication.
Audit Metadata