microsoft-docs
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [Indirect Prompt Injection] (SAFE): The skill possesses a surface for indirect prompt injection as it ingests untrusted data from the web via the
microsoft_docs_fetchtool. - Ingestion points: Full page content fetched from
learn.microsoft.com. - Boundary markers: None explicitly defined in the tool description.
- Capability inventory: None; the skill is markdown-only and has no command execution or file-write capabilities.
- Sanitization: None described.
- Risk Assessment: The severity is downgraded to SAFE because the data source is a trusted organization (Microsoft) and the skill lacks any dangerous capabilities (scripts or file access) to exploit.
- [External Downloads] (SAFE): The skill references the Microsoft Learn MCP Server (
learn.microsoft.com). As Microsoft is a Trusted Organization, this reference is considered safe. - [No Code] (SAFE): The skill consists entirely of markdown instructions and does not include any Python, Node.js, or shell scripts, significantly reducing the attack surface.
Audit Metadata