azure-resource-manager-postgresql-dotnet

Pass

Audited by Gen Agent Trust Hub on Feb 13, 2026

Risk Level: LOW
NO_CODE

Full Analysis

The skill azure-resource-manager-postgresql-dotnet is a descriptive skill providing documentation and C# code examples for interacting with the Azure PostgreSQL Flexible Server SDK. It does not contain any executable scripts or commands intended for direct execution by the AI agent.

1. Prompt Injection: No prompt injection patterns were detected. The skill's content is purely informational and instructional regarding the use of an SDK.

2. Data Exfiltration: No data exfiltration commands or patterns were found. The C# code examples demonstrate interaction with Azure services, which is their intended purpose. While one C# example in SKILL.md shows a hardcoded AdministratorLoginPassword, this is a documentation example, not an active exfiltration attempt by the skill. Furthermore, acceptance-criteria.md explicitly lists 'Storing Passwords in Code' as an anti-pattern and marks it 'WRONG'.

3. Obfuscation: No obfuscation techniques (Base64, zero-width characters, homoglyphs, etc.) were detected.

4. Unverifiable Dependencies: The skill instructs users to install packages via dotnet add package Azure.ResourceManager.PostgreSql and dotnet add package Azure.Identity. These packages are from nuget.org and are part of the official Azure SDK for .NET, maintained by Microsoft. The GitHub source link also points to github.com/Azure/azure-sdk-for-net, which is a trusted organization. Therefore, these dependencies are from trusted sources, and this is noted as an informational finding rather than a high-risk one.

5. Privilege Escalation: No commands or patterns indicative of privilege escalation (e.g., sudo, chmod 777) were found.

6. Persistence Mechanisms: No persistence mechanisms (e.g., modifying .bashrc, creating cron jobs) were detected.

7. Metadata Poisoning: The skill's metadata (name, description) is benign and accurately reflects its purpose. No malicious instructions were found hidden in metadata.

8. Indirect Prompt Injection: The skill does not process external user-supplied content in a way that would make it susceptible to indirect prompt injection.

9. Time-Delayed / Conditional Attacks: No time-delayed or conditional attack patterns were identified.

Conclusion: The skill is primarily a documentation and example provider for an Azure SDK. It does not contain any directly executable malicious code for the agent. The dependencies are from trusted sources, and while a hardcoded password appears in an example, the skill itself advises against such practices. Therefore, the skill is considered SAFE.

Audit Metadata
Risk Level: LOW
Analyzed: Feb 13, 2026, 10:26 AM