pentest-gemini-az

SUSPICIOUS. The skill is internally coherent and uses official Microsoft tooling and endpoints, so there is no clear malware or credential-harvesting pattern. However, its footprint is very broad: it grants an AI agent general administrative power across Azure, Microsoft 365, Graph, and Entra using the current CLI session, including scope changes and destructive actions. This makes it a high-impact operator skill with meaningful security risk despite legitimate infrastructure.