azure-security-keyvault-keys-dotnet
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references official Microsoft SDK packages including
Azure.Security.KeyVault.KeysandAzure.Identityvia the NuGet package manager. These are well-known, trusted libraries provided by the Azure organization. - [CREDENTIALS_UNSAFE]: The documentation correctly identifies hardcoded credentials as an incorrect practice. It provides examples using
DefaultAzureCredential(Managed Identity) and uses non-sensitive placeholders like<client-secret>for Service Principal authentication examples. - [COMMAND_EXECUTION]: Contains standard development commands for package installation (
dotnet add package) and provides code snippets for cryptographic operations. All operations align with the primary purpose of key management and encryption within Azure Key Vault. - [SAFE]: The skill promotes several security best practices, such as enabling soft-delete, utilizing HSM-backed keys, and implementing specific key rotation policies. No indicators of prompt injection, data exfiltration, or obfuscation were found.
Audit Metadata