azure-resource-manager-mysql-dotnet

Pass

Audited by Gen Agent Trust Hub on Feb 13, 2026

Risk Level: LOW

CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS

Full Analysis

The skill describes how to use the Azure.ResourceManager.MySql .NET SDK to manage Azure MySQL Flexible Servers. The instructions are clear and the C# code snippets demonstrate various management operations.

CREDENTIALS_UNSAFE (LOW): The SKILL.md file contains C# code examples that hardcode an administrator password (AdministratorLoginPassword = "YourSecurePassword123!") and include it directly in a connection string example. While these are presented as examples, they illustrate an insecure practice. Although the references/acceptance-criteria.md file correctly identifies hardcoding credentials as an anti-pattern, the presence of a hardcoded password in the main skill documentation could inadvertently encourage users to adopt this insecure habit.

EXTERNAL_DOWNLOADS (LOW): The skill instructs users to install .NET packages (Azure.ResourceManager.MySql, Azure.Identity) using dotnet add package. These packages are sourced from NuGet and GitHub repositories maintained by Microsoft (Azure organization), which are considered trusted external sources. This is noted as a low-risk external dependency.

No other threats detected:

  • Prompt Injection: No patterns indicative of prompt injection attempts were found in the skill's instructions or metadata.
  • Obfuscation: No obfuscation techniques (e.g., Base64, zero-width characters, homoglyphs) were detected.
  • Privilege Escalation: No commands or instructions that attempt to escalate privileges (e.g., sudo, chmod 777) were found.
  • Persistence Mechanisms: No attempts to establish persistence (e.g., modifying .bashrc, creating cron jobs) were identified.
  • Metadata Poisoning: The skill's metadata fields (name, description, package) are clean and do not contain malicious instructions.
  • Indirect Prompt Injection: The skill does not process arbitrary external content (like emails or web pages) in a way that would make it susceptible to indirect prompt injection.
  • Time-Delayed / Conditional Attacks: No conditional logic or time-based triggers for malicious behavior were found.

Audit Metadata

Risk Level: LOW
Analyzed: Feb 13, 2026, 10:26 AM