Infrastructure as Code Skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly instructs the agent to use MCP tools such as mcp_bicep_list_avm_metadata (Available IaC MCP Tools / Workflow: MCP-Enhanced IaC step 2) and fallbacks that browse public URLs like https://aka.ms/avm/modules and learn.microsoft.com, meaning it fetches and interprets public module/docs content which can materially influence code generation and deployment decisions.