dapr-dotnet
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is a coherent instruction-only Dapr/.NET backend development helper; the main thing to review is that copied templates may start a local Dapr sidecar and use local service defaults.
This appears reasonable as an instruction-only coding skill. Before using generated templates in a real project, review the Dapr, Redis, Consul, and Zipkin settings, replace local or empty-password examples with proper production secret handling, and confirm any debug sidecar startup behavior is intended.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If users copy this template into a project, running the app in debug mode may launch a local Dapr sidecar and connect to local Redis, Consul, or Zipkin services.
The sample ProgramExtensions code includes a DEBUG-only helper call that would start a Dapr sidecar process using local ports and .dapr configuration if the generated project code is used and run.
BaseHelper.AddDaprdProcess(appId, appPort, daprHttpPort, daprGrpcPort, otherDaprConfig);
Review and adapt the sidecar startup code, ports, and local service configuration before running it, especially outside a local development environment.