Skills
skills/github/awesome-copilot/az-cost-optimize/Gen Agent Trust Hub

az-cost-optimize

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes various Azure CLI commands (e.g., 'az resource list', 'az webapp list') and specialized Azure MCP tools to discover and evaluate cloud resource configurations. These operations are core to the skill's primary function.
  • [EXTERNAL_DOWNLOADS]: Fetches optimization best practices and pricing data from official Microsoft Azure domains (e.g., azure.microsoft.com), which are recognized as trusted/well-known services.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from Infrastructure-as-Code (IaC) files and cloud resource metadata.
  • Ingestion points: Scans local repository files (Bicep, Terraform, JSON) and retrieves resource properties directly from the Azure environment (names, tags, SKUs).
  • Boundary markers: Lacks explicit delimiters or instructions to ignore embedded instructions within the analyzed files or resource names.
  • Capability inventory: Possesses permissions to execute cloud management commands and create issues in GitHub repositories via the 'create_issue' tool.
  • Sanitization: No validation or sanitization is performed on the data extracted from infrastructure files or resource names before it is incorporated into generated CLI commands or GitHub issue content.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 25, 2026, 05:25 AM