keyvault-csi-driver
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [CREDENTIALS_UNSAFE] (SAFE): No hardcoded secrets, passwords, or private keys were detected. The skill contains infrastructure identifiers such as Azure Tenant IDs and Managed Identity Client IDs, which are necessary for configuration and do not constitute a security breach in this context.
- [COMMAND_EXECUTION] (SAFE): The provided Bash scripts (create-keyvault-secret.sh, diagnose-csi.sh, grant-keyvault-access.sh) are standard administrative tools using the official Azure CLI (
az) and Kubernetes CLI (kubectl). They are designed for manual execution by an authorized operator to manage secrets and permissions. - [EXTERNAL_DOWNLOADS] (SAFE): No remote scripts, untrusted packages, or external downloads were identified within the skill files.
- [DATA_EXFILTRATION] (SAFE): The scripts interact with Azure and Kubernetes APIs as intended for their functional purpose; no unauthorized data exfiltration patterns were detected.
Audit Metadata