functions-markdown-agents
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to fetch deployment templates and runtime assets from the official Microsoft Azure-Samples GitHub repository ('functions-markdown-agent'), which is a well-known and trusted source.
- [COMMAND_EXECUTION]: Provides shell scripts ('prepackage.sh') to automate the assembly of agent files into a temporary directory for packaging. These scripts are executed as local hooks by the Azure Developer CLI during the build process and perform standard file management operations.
- [PROMPT_INJECTION]: Features proactive security instructions that mandate the identification and removal of potentially malicious commands (such as shell execution) from user-provided skills, converting them into managed Python tools to ensure a safer cloud runtime environment.
- [CREDENTIALS_UNSAFE]: Adheres to security best practices by recommending Azure Managed Identities and 'DefaultAzureCredential' for authenticating with services like Cosmos DB and Key Vault, explicitly advising the user to avoid hardcoding secrets.
Audit Metadata