alz-accelerator-skill

The skill's stated purpose (deploy Azure Landing Zones with ALZ Accelerator/AVM, guide Bicep vs Terraform, bootstrap CI/CD, manage platform subscriptions) is broadly coherent with its described workflow and prerequisites. The primary security considerations center on credential handling (PATs via environment variables), access to CI/CD and VCS resources, and the potential for credential leakage through shells or logs. There are no evident malicious data exfiltration patterns or unverifiable binaries in the provided material. Overall risk is moderate (suspicious-to-moderate) due to credential handling and surface-area expansion, but the footprint remains proportionate to its stated purpose when proper secret hygiene and least-privilege controls are enforced.