Skills
skills/julianobarbosa/claude-code-skills/AzureFinOps/Gen Agent Trust Hub

AzureFinOps

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Azure CLI (az) to execute Resource Graph queries (KQL) and retrieve reservation details. These operations are essential for its functionality and are explicitly restricted to read-only actions to prevent accidental resource modification.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it processes metadata from Azure resources.
  • Ingestion points: Data is ingested through az graph query and MCP tools (compute_vm_list, storage_account_list) which retrieve resource names, tags, and properties.
  • Boundary markers: The instructions do not define explicit boundary markers or delimiters for the ingested Azure data.
  • Capability inventory: The skill can execute subprocesses via az CLI and uv run, and write analysis reports to the local Plans/ directory.
  • Sanitization: There is no evidence of data sanitization or validation of the retrieved resource properties before they are processed by the LLM.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 10, 2026, 06:56 AM