azure-rbac
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions were found that attempt to bypass safety filters or override agent behavior.
- [Data Exfiltration] (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network communication patterns were identified.
- [Remote Code Execution] (SAFE): The skill does not download or execute external scripts or packages; it exclusively references internal Azure tools.
- [Indirect Prompt Injection] (SAFE): The skill has a standard ingestion surface where it processes user-provided permission requirements to generate code. This is a common assistant function and does not contain malicious logic. 1. Ingestion points: User requests for role definitions in SKILL.md instructions. 2. Boundary markers: Absent. 3. Capability inventory: Generates CLI and Bicep code via internal tools. 4. Sanitization: None explicitly defined in the skill body.
Audit Metadata