azure-diagnostics
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- Command Execution: The skill utilizes a series of Azure CLI (
az) commands and Docker operations to troubleshoot infrastructure. These are standard administrative actions for managing cloud resources. - External Resource Management: Includes the installation of the Azure Resource Graph extension (
az extension add). As this is an official extension provided by the platform vendor, it is a standard part of the environment setup. - Data Analysis Surface (Indirect Prompt Injection): The skill includes workflows to ingest and analyze application logs from Azure Monitor and Application Insights. (1) Ingestion points: The skill reads from the
tracesandFunctionAppLogstables usingaz monitorand MCP query tools. (2) Boundary markers: No explicit delimiters or instructions to ignore potential commands within the logs are present in the guides. (3) Capability inventory: The agent can perform resource queries, metadata retrieval, and check provisioning status via the CLI. (4) Sanitization: The instructions do not define specific methods for filtering or escaping log content before interpretation. This is an inherent characteristic of diagnostic tools that process external log data. - Health Monitoring: The skill uses
curlto verify the connectivity and status of application health endpoints on Azure-managed domains (*.azurecontainerapps.io).
Audit Metadata