azure-monitor-query-py
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [SAFE] (SAFE): The skill facilitates access to the official azure-monitor-query package from Microsoft, a trusted source. No malicious patterns or unauthorized access methods were detected.
- [Indirect Prompt Injection] (INFO): The skill ingests untrusted data from Azure Monitor logs and metrics. 1. Ingestion points: LogsQueryClient.query_workspace and MetricsQueryClient.query_resource calls in SKILL.md. 2. Boundary markers: Absent; data is processed directly. 3. Capability inventory: Limited to data retrieval and local processing (printing, pandas DataFrame conversion); no file-write or subprocess execution capabilities are present. 4. Sanitization: Absent; the skill assumes the integrity of the data source for its intended use case.
- [Credential Safety] (SAFE): The skill correctly implements DefaultAzureCredential for authentication, which is the industry standard for secure Azure identity management, avoiding the use of hardcoded secrets.
Audit Metadata