winapp-package
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- Command Execution: The skill utilizes various CLI commands including
winapp package,signtool, and PowerShell cmdlets likeAdd-AppxPackage. These are standard tools for creating and managing MSIX installers and do not deviate from the skill's stated purpose. - External Downloads: The skill mentions that build tools like
makeappxmay be downloaded via thewinapp updateorwinapp toolcommands. These downloads originate from the vendor's infrastructure to ensure the necessary environment for packaging. - Administrative Privileges: Certain operations, specifically
winapp cert installand the--install-certflag, are documented as requiring administrative rights. This is a standard security requirement on Windows for modifying the machine's trusted certificate store. - Credential Handling: The skill provides examples for certificate signing, including the use of password flags. While it shows examples like
--cert-password MyP@ssw0rd, it correctly suggests using CI/CD secrets (e.g., GitHub Secrets) for production environments to maintain security best practices.
Audit Metadata