Security defaults that belong in every ASP.NET Core application from day one.
{
  "instruction": "Validate all request models with Data Annotations or FluentValidation",
  "relevant_when": "Agent creates or modifies an ASP.NET Core application that accepts user input via request bodies or query parameters",
  "context": "Every ASP.NET Core API must validate input. Use Data Annotations ([Required], [StringLength], [Range], [EmailAddress]) or FluentValidation for complex rules. Request body size should be limited via Kestrel configuration or [RequestSizeLimit] attributes. Never trust user input directly.",
  "sources": [
    {
      "type": "file",
      "filename": "skills/aspnet-security-basics/SKILL.md",
      "tile": "tessl-labs/aspnet-security-basics@0.2.0"
    }
  ],
  "checklist": [
    {
      "name": "request-models-validated",
      "rule": "Agent adds validation attributes (Data Annotations or FluentValidation) to all request model properties that accept user input",
      "relevant_when": "Agent creates request DTOs or models in ASP.NET Core"
    },
    {
      "name": "string-length-limits",
      "rule": "Agent sets maximum length constraints on string properties to prevent oversized input",
      "relevant_when": "Agent creates request DTOs with string properties"
    },
    {
      "name": "body-size-limited",
      "rule": "Agent limits request body size via Kestrel MaxRequestBodySize or [RequestSizeLimit] attribute",
      "relevant_when": "Agent creates or modifies an ASP.NET Core application"
    }
  ]
}