update-avm-modules-in-bicep
Audited by Socket on Feb 25, 2026
1 alert found:
Security: This skill's stated purpose (scan Bicep files for Azure Verified Modules, query MCR for tags, consult GitHub docs, update files, and run bicep lint/build) is coherent with the capabilities it requests: network fetches, search, file edits, and running local tooling. There is no explicit malicious code or obfuscation. The primary risks are supply-chain and autonomy risks: the fetch->edit->execute pattern can be abused if remote content is tampered with or if the agent is allowed to run without human review. The mandatory use of powerful tools (#editFiles, #runCommands, #fetch) and the absence of an enforced interactive approval step for updates (beyond a textual 'PAUSE' guideline) raise the security risk to a moderate level. Recommendations: enforce an explicit human confirmation step before making any file writes or running commands, validate and pin fetched tag data, and limit search scope to the intended files.