azure-ai-search-python

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [CREDENTIALS_UNSAFE] (SAFE): The skill demonstrates secure credential management. It explicitly recommends DefaultAzureCredential (Microsoft Entra ID) over API keys and uses environment variables in the provided setup script. No hardcoded API keys or tokens were found.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The Agentic Retrieval feature implements a RAG (Retrieval-Augmented Generation) architecture, which is a surface for indirect prompt injection.
      1. Ingestion points: Data retrieved from Azure AI Search indexes via KnowledgeBaseRetrievalClient.retrieve (see references/agentic-retrieval.md).
      2. Boundary markers: Uses answer_instructions to constrain the LLM's response generation within the KnowledgeBase configuration.
      3. Capability inventory: Limited to retrieving documents and generating text responses; no execution of code or file system access based on retrieved content is present.
      4. Sanitization: Uses standard grounding based on instructions; no additional sanitization of external document content is implemented.
  • [COMMAND_EXECUTION] (SAFE): The setup_agentic_retrieval.py script uses argparse and environment variables for configuration. It does not invoke system shells or execute unsanitized commands.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:39 PM