azure-network-calculator-skill
Warn
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill mandates the execution of a
curlcommand targetinghttp://localhost:8888/notifyevery time it is invoked. This forces a network operation without explicit user consent for each execution, which can be used for local service signaling or logging. - [PROMPT_INJECTION]: The skill uses highly imperative and restrictive language (e.g., 'MANDATORY', 'REQUIRED BEFORE ANY ACTION', 'This is not optional') to ensure the agent follows specific behavioral triggers and forced execution steps, potentially overriding standard safety or operational guardrails.
- [EXTERNAL_DOWNLOADS]: The skill includes a 'Customization' logic that instructs the agent to load 'resources' and 'configurations' from the local file system (
~/.claude/skills/PAI/USER/SKILLCUSTOMIZATIONS/) to override default behavior. This creates a mechanism for third-party or local files to inject new instructions or modify the skill's logic without being part of the original skill package.
Audit Metadata