azure-resource-manager-redis-dotnet

The skill consists of markdown documentation and C# code snippets for interacting with Azure Redis via the Azure Resource Manager .NET SDK. It is purely instructional and does not contain any executable scripts or commands that would run directly within the agent's environment. The skill explicitly recommends and demonstrates security best practices, such as using DefaultAzureCredential for authentication, never hardcoding keys, disabling non-SSL ports, enforcing TLS 1.2, and avoiding logging sensitive information like access keys.

Threat Category Analysis:

1. Prompt Injection: No prompt injection patterns were detected. The language is technical and instructional.
2. Data Exfiltration: No direct data exfiltration attempts were found. While the skill demonstrates how to retrieve Redis access keys, it does not exfiltrate them to an external server. It explicitly warns against logging secrets. Examples involving blob storage URLs for import/export are user-configured data movements within Azure, not exfiltration by the skill itself.
3. Obfuscation: No obfuscation techniques (Base64, zero-width characters, homoglyphs, URL/hex/HTML encoding) were detected.
4. Unverifiable Dependencies: The skill instructs the user to install Azure.ResourceManager.Redis, Azure.Identity, StackExchange.Redis, and Microsoft.Azure.StackExchangeRedis via dotnet add package. These are official Microsoft Azure SDKs and are considered trusted external sources (GitHub organization Azure). This is noted as an informational finding but does not elevate the overall risk due to the trusted nature of the dependencies.
5. Privilege Escalation: No commands or instructions for privilege escalation (e.g., sudo, chmod 777, service installation) were found.
6. Persistence Mechanisms: No attempts to establish persistence (e.g., modifying .bashrc, crontab, authorized_keys) were detected.
7. Metadata Poisoning: The skill's metadata (name, description) is benign and accurately reflects its purpose.
8. Indirect Prompt Injection: The skill processes C# code and markdown. It does not process arbitrary external user input that could lead to indirect prompt injection.
9. Time-Delayed / Conditional Attacks: No time-delayed or conditional malicious logic was found.

Conclusion: The skill is well-documented, promotes secure coding practices, and relies on trusted external dependencies. It does not contain any direct security vulnerabilities or malicious patterns.