azure-compliance
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFE
Full Analysis
- Standard Compliance Auditing: The skill facilitates the use of azqr (Azure Quick Review) and Azure Resource Graph queries to assess environments against established best practices. These tools are used within their intended scope for security posture evaluation.
- Secure Authentication Guidance: Reference documentation (e.g., auth-best-practices.md) explicitly promotes the use of Managed Identities and Azure RBAC over hardcoded credentials, which significantly enhances the security of the audited environment.
- Key Vault Expiration Monitoring: The skill provides structured workflows for auditing Key Vault resources (keys, secrets, certificates) for expiration. It correctly identifies the lack of expiration dates as a security risk and provides remediation steps.
- Trusted External References: All external links and package installation instructions target official Microsoft documentation (learn.microsoft.com), GitHub repositories (github.com/microsoft), and well-known package registries (NPM, PyPI, Cargo).
- Data Privacy: The skill's primary function is to read resource metadata for reporting purposes. There are no patterns indicating unauthorized data exfiltration or network operations targeting untrusted domains.
- Indirect Prompt Injection Surface: While the skill processes external resource metadata (such as resource tags), it uses structured tools and documentation to summarize this data for the user, effectively managing the theoretical risk of indirect prompt injection.
Audit Metadata