azure-mgmt-fabric-dotnet

The skill SKILL.md and references/acceptance-criteria.md describe how to use the Azure Resource Manager SDK for Fabric in .NET. The SKILL.md file contains dotnet add package Azure.ResourceManager.Fabric and dotnet add package Azure.Identity commands. These commands instruct a developer to install NuGet packages. These packages are sourced from https://www.nuget.org/packages/Azure.ResourceManager.Fabric and the source code is on https://github.com/Azure/azure-sdk-for-net/tree/main/sdk/fabric/Azure.ResourceManager.Fabric. Both NuGet and the Azure GitHub organization are listed as trusted external sources. Therefore, the dotnet add package commands represent an external download from a trusted source. This is noted as a LOW severity finding under 'Unverifiable Dependencies' (and categorized as 'EXTERNAL_DOWNLOADS'). No other malicious patterns were detected, including prompt injection, data exfiltration, obfuscation, privilege escalation, persistence mechanisms, metadata poisoning, indirect prompt injection, or time-delayed/conditional attacks. The skill primarily provides instructional C# code examples and documentation, not executable scripts for the agent. Given that the only finding is a low-risk external download from a trusted source, the overall verdict is SAFE.