entra-app-registration
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill includes extensive documentation for Azure CLI (
az) commands to manage application registrations, service principals, and permissions. These are standard administrative tools, and the skill provides appropriate warnings regarding destructive operations like credential resets. - [EXTERNAL_DOWNLOADS] (SAFE): The skill references official Microsoft identity and security libraries (e.g.,
azure-identity,msal) from trusted package registries (PyPI, npm, NuGet). It also includes a Bicep template that pulls a Microsoft Graph extension from the trusted Microsoft Container Registry (mcr.microsoft.com). - [CREDENTIALS_UNSAFE] (SAFE): No real credentials or secrets are hardcoded. The skill uses clearly labeled placeholders (e.g.,
YOUR_APPLICATION_ID,your-secret-value-SAVE-THIS) and provides strong recommendations for using Azure Key Vault and Managed Identities in production environments. - [PROMPT_INJECTION] (SAFE): The content is strictly technical and instructional. It contains no attempts to override agent behavior, bypass safety filters, or extract system prompts.
- [DATA_EXFILTRATION] (SAFE): All network-related references and OAuth endpoints point to official Microsoft domains (e.g.,
login.microsoftonline.com,graph.microsoft.com). No suspicious data exfiltration patterns or unknown external URLs were detected.
Audit Metadata