Here is an interesting article to read (which I haven't (yet)):
Web to Windows 8: Security

It is in the Nov 2012 issue of MSDN magazine, in the
Javascript Security section, and it covers topics like:
- Input Validation
- Sensitive Data Storage
- Local vs. Web Contexts
- Communicating Between Contexts