microsoft-foundry
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill makes extensive use of the Azure CLI (
az) and the Azure Developer CLI (azd) to perform resource management tasks such as creating projects, deploying models, and managing permissions. It also executes local helper scripts (Bash and PowerShell) included in the skill to perform complex logic like capacity discovery and URL generation. - [EXTERNAL_DOWNLOADS]: The skill uses
azd initto fetch infrastructure templates from the officialAzure-SamplesGitHub organization. It also provides instructions for installing standard libraries and tools usingpipandnpx(e.g.,@playwright/mcp), which are well-known resources for the described workflows. - [DYNAMIC_EXECUTION]: The helper script
discover_and_rank.shutilizes an inline Python call to process and format JSON data returned by Azure APIs. This is used strictly for data presentation and does not involve executing untrusted input. - [DATA_EXPOSURE]: The skill properly handles configuration through environment variables (such as
PROJECT_RESOURCE_IDandFOUNDRY_PROJECT_ENDPOINT) and does not contain hardcoded credentials or access sensitive local file paths like SSH keys.
Audit Metadata