aztfexport-skill
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references the
aztfexportutility, which is an official tool maintained by Microsoft's Azure organization. Downloads are directed to the official GitHub releases page or the Homebrew package manager. - [COMMAND_EXECUTION]: The skill utilizes standard system and cloud commands (
az,terraform,aztfexport) to perform resource discovery and configuration export. It correctly identifies the use of--non-interactiveand--plain-uiflags, which are best practices for security and reliability when agents execute shell commands. - [DATA_EXFILTRATION]: Interactions with Azure cloud metadata are conducted via authenticated CLI sessions for the purpose of generating Terraform code. No unauthorized data collection or exfiltration patterns were detected.
- [SAFE]: No malicious patterns such as prompt injection, obfuscation, or persistence mechanisms were found. The skill's behavior is entirely consistent with its stated purpose of reverse-engineering Azure infrastructure into Terraform.
Audit Metadata