The Agent Skills Directory

[COMMAND_EXECUTION] (LOW): The skill executes az CLI commands to perform its core function of Azure resource discovery and analysis. This is a legitimate but notable capability.\n- [EXTERNAL_DOWNLOADS] (LOW): The documentation mentions installing the resource-graph Azure CLI extension. Per [TRUST-SCOPE-RULE], this is a low-risk finding because the source (Microsoft) is a trusted organization.\n- [PROMPT_INJECTION] (LOW): The skill is vulnerable to Indirect Prompt Injection (Category 8) due to its processing of untrusted metadata from the cloud environment.\n
Ingestion points: Resource names, tags, and properties fetched from Azure via CLI tools (referenced in SKILL.md and azure-resource-graph.md).\n
Boundary markers: No specific delimiters or safety warnings are used when interpolating Azure resource data into prompts or diagrams.\n
Capability inventory: Terminal access for az commands and file writing capabilities to generate markdown documentation.\n
Sanitization: The skill does not implement sanitization for strings retrieved from Azure before they are processed by the agent.

azure-resource-visualizer