entra-app-registration
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill guides the user to install official Microsoft packages such as 'msal', '@azure/identity', and 'azure-identity' from public registries. These are trusted, well-known dependencies for identity management.
- [COMMAND_EXECUTION]: Multiple Azure CLI commands ('az ad') are provided for administrative tasks like creating app registrations and resetting credentials. These commands are appropriate for the skill's stated purpose.
- [DATA_EXFILTRATION]: The provided code examples include network requests to official Microsoft Graph endpoints ('graph.microsoft.com'). These operations are necessary for the skill's functionality and target a trusted domain.
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface where user-provided data is intended to be used in shell commands and code templates.
  - Ingestion points: Placeholders for application names, client IDs, and tenant IDs in files such as 'references/cli-commands.md' and 'references/first-app-registration.md'.
  - Boundary markers: There are no explicit delimiters or specific instructions for the agent to ignore potentially malicious embedded content within user-provided strings.
  - Capability inventory: The skill enables the execution of infrastructure-modifying CLI commands and the implementation of authentication flows using the provided examples.
  - Sanitization: No input validation or escaping mechanisms are described to protect against command injection via the user-supplied variables.
Audit Metadata