dotnet-core-expert
PassAudited by ClawScan on May 9, 2026.
Overview
This is an instruction-only .NET development guidance skill with no code, install steps, credentials, or hidden execution, though users should verify any generated deployment or performance claims.
This skill appears safe to install as an instruction-only .NET assistant. Keep normal development safeguards in place: review generated code, approve database or deployment changes explicitly, and verify any claimed test coverage, benchmarks, security scans, or cloud deployments with real evidence.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill may guide an agent toward substantial project or deployment changes if the surrounding agent has those tools.
If paired with file, database, or cloud tools, these broad workflow steps could modify a codebase or deployment environment. This is aligned with the .NET expert purpose, but the artifacts do not define approval boundaries.
Implementation approach: - Create projects - Implement services - Build APIs - Setup database - Add authentication - Write tests - Optimize performance - Deploy application
Require user review before applying generated code, changing databases, configuring CI/CD, or deploying to cloud/Kubernetes environments.
A user could mistakenly trust unverified completion, performance, or deployment claims.
The canned delivery message contains specific test coverage, performance, and deployment claims. If treated literally rather than as an example, it could overstate what was actually built, tested, benchmarked, or deployed.
Delivery notification: ".NET application completed. Built 12 microservices with 45 APIs achieving 83% test coverage. Native AOT compilation reduces startup to 180ms and memory by 65%. Deployed to Kubernetes with auto-scaling."
Treat such completion text as a template only, and ask the agent to cite actual test results, benchmark output, deployment logs, or changed files.