azure-aigateway
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- External Downloads: The skill references and downloads configuration files and API specifications from official Microsoft repositories. These are used to bootstrap infrastructure and import API definitions.\n- Command Execution: Provides shell commands for the Azure CLI (az) to manage cloud resources, including resource groups, deployments, and identity assignments. These operations are within the scope of administrative tasks for setting up a gateway.\n- Identity and Access Management: Includes patterns for managed identity configuration and role assignments, which are best practices for securing service-to-service communication without hardcoded credentials.\n- Indirect Prompt Injection Surface: The skill allows importing API specifications from external URLs.\n
- Ingestion points: The az apim api import command in SKILL.md.\n
- Boundary markers: Boundary markers are not explicitly defined in the CLI command examples.\n
- Capability inventory: The skill uses Azure CLI for resource management and can execute APIM policies; subprocess calls are primarily for platform orchestration.\n
- Sanitization: Sanitization and validation are performed internally by the Azure API Management service during the specification import process.
Audit Metadata