The Agent Skills Directory

[SAFE]: The skill's primary function is to query Azure resource metadata and generate documentation. It uses official Azure CLI (az) commands and well-known extensions (Resource Graph) to perform discovery.
[COMMAND_EXECUTION]: The skill uses az and az graph query to retrieve infrastructure details. These are restricted to read-only resource discovery and analysis, which aligns with the stated purpose of the skill. A safety constraint is explicitly included to prevent resource modification or deletion.
[EXTERNAL_DOWNLOADS]: The skill references the resource-graph Azure CLI extension. Per security guidelines, this is a well-known service (Microsoft Azure) and is considered a safe dependency.
[DATA_EXPOSURE]: While the skill accesses Azure resource configurations (names, SKUs, network settings), it does not target sensitive credential files or attempt to exfiltrate data to external domains. The output is generated as a local markdown file within the workspace.
[INDIRECT_PROMPT_INJECTION]: The skill ingests data from Azure resource metadata. While resource names or tags could theoretically contain injection strings, the risk is low as the agent uses this data specifically for generating Mermaid syntax and structured documentation. No sanitization is explicitly mentioned, but the constrained output format (Mermaid) limits the potential for exploitation.

azure-resource-visualizer