azure-deploy
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [Passwordless Authentication]: The skill strongly encourages the use of Managed Identities and Entra ID authentication. This approach is a security best practice that eliminates the need for hardcoded connection strings or secrets in application configuration files.
- [Automated Resource Configuration]: The skill provides scripts for automating Entity Framework Core migrations and granting SQL data-plane access. These scripts use safe patterns, such as fetching environment variables from the Azure Developer CLI (
azd) and performing idempotent SQL operations to grant permissions to the application's identity. - [Official Vendor Tools]: Installation instructions and references point toward official Microsoft resources, such as the Azure Developer CLI installation script from a Microsoft-owned domain (
aka.ms). These are standard procedures for setting up required developer tooling. - [Live State Verification]: The skill includes a 'Live Role Verification' phase that queries the provisioned environment to ensure that RBAC (Role-Based Access Control) assignments are correctly applied, which helps verify that the principle of least privilege is maintained after deployment.
Audit Metadata