Security risk report for @forgecat/openai_skills_winui-app v0.0.10
Source Integrity
Low
The profile is sourced from OpenAI's official skills repository (https://github.com/openai/skills) with a documented commit hash and Apache-2.0 license.
The content is a legitimate, well-maintained WinUI 3 development skill with references to official Microsoft Learn documentation and canonical sample repositories.
Agent Intent
Low
The skill provides legitimate development guidance for WinUI 3 and Windows App SDK work, with no instructions to manipulate the AI, exfiltrate data, or bypass security controls.
All references to external resources (Microsoft Learn, WinUI Gallery, WindowsAppSDK-Samples, CommunityToolkit) are to well-known, official Microsoft and community sources.
The skill documents standard development workflows (scaffolding, building, running, debugging) without any hidden instructions to read credentials, execute remote payloads, or reveal system prompts.
Details
Evidence
The skill consistently directs users to official Microsoft Learn documentation and canonical sample repositories.
Instructions such as 'Run the bundled WinGet configuration' and 'dotnet new winui' are standard, transparent development commands.
No language attempting to override instructions, hide behavior, or manipulate the AI's reasoning is present.
Permissions
Low
The skill declares no tools or MCP servers; it is purely instructional guidance for WinUI development.
The referenced workflows (dotnet CLI, Visual Studio, WinGet configuration) are standard development tools that the user controls directly.
No excessive agency, alwaysApply rules, or broad glob patterns are present.
Details
Evidence
No tool definitions or MCP server configurations are declared in the profile.
The skill references legitimate Windows development tools (Visual Studio, .NET SDK, WinGet) that are user-initiated, not agent-controlled.
MCP Risk
Low
No MCP servers are defined in this profile.
The skill is purely markdown-based instructional content with no binary execution, network access, or filesystem mutation directives.
Details
Evidence
The profile contains only markdown reference files and a SKILL.md instruction document.
No MCP server definitions, tool descriptions with hidden instructions, or arbitrary binary execution are present.