azure-landing-zone-checklist
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFECREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill instructs the agent to solicit and process Azure DevOps Personal Access Tokens (PATs) to populate the 'Accelerator
- Bootstrap' tab of the configuration checklist. While this is standard for the ALZ Accelerator tool, handling secrets through an AI agent presents an inherent security risk.
- [PROMPT_INJECTION]: The skill processes untrusted external data which introduces a surface for indirect prompt injection.
- Ingestion points: The skill reads and parses data from uploaded Excel spreadsheets (.xlsx) and user-provided IP documentation in various formats like Markdown and CSV (as seen in Phase 1 and Phase 4).
- Boundary markers: The instructions do not specify any delimiters or safety markers to help the agent distinguish between its core instructions and data content within the external files.
- Capability inventory: The skill utilizes the
openpyxllibrary to write values to file and provides the completed spreadsheet to the user. - Sanitization: There is no evidence of validation or sanitization of the content extracted from external documents before it is used by the agent to make configuration decisions.
Audit Metadata