2 medium findings.

This skill ships without a capability manifest plus 1 other issue listed below.

0 critical0 high2 medium10 rules passed

Why grade A?

score · 95 / 100

The current grade reflects 2 minor findings below all thresholds.

0 CRIT0 HIGH2 MED0 LOW

Already at the top grade — no further rules to pass.

Findings · ordered by severity

med

No capability manifest declared

The skill ships without a `manifest.yaml` or `capabilities` block in its frontmatter. Without a manifest, the runtime cannot enforce what this skill is permitted to do.

rule: no-manifest

▾

med

Link text shows "asp.net" but points at learn.microsoft.com

The visible link text contains the domain `asp.net`, but the URL actually targets `learn.microsoft.com`. This is a phishing/smuggling pattern — the reader sees one host, the agent fetches another. Either update the text or the URL so they match.

rule: anchor-href-mismatchline: 574CWE-601

▾

572

573- [FluentValidation](https://docs.fluentvalidation.net/)

574- [Model Validation in ASP.NET Core](https://learn.microsoft.com/en-us/aspnet/core/mvc/models/validation)← text→asp.net · href→learn.microsoft.com

575- [Data Annotations](https://learn.microsoft.com/en-us/dotnet/api/system.componentmodel.dataannotations)

576- [IValidateOptions](https://learn.microsoft.com/en-us/dotnet/core/extensions/options#options-validation)

Scan another →Share

skillox.io/r/crawl-vpphju1husdd8cf7ggga6zam