azure-observability
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
Full Analysis
- Secure Authentication Guidance: The skill includes a dedicated reference for Azure Authentication best practices. It explicitly advises against using broad credentials in production and provides code samples for implementing Managed Identities and RBAC, which aligns with security best practices.
- Trusted SDK and Package References: All referenced libraries (such as azure-identity and @azure/monitor-opentelemetry) are official packages from a well-known service provider. The installation instructions target standard, verified package registries.
- Observability Data Handling: As an observability-focused skill, it facilitates the querying of logs and metrics through tools like Azure Monitor and KQL. While processing external data is a standard functional requirement for monitoring, users should remain aware that the agent will be interpreting telemetry data which may contain external inputs.
- Least-Privilege Design: The documentation emphasizes applying RBAC roles at the narrowest possible scope and using environment-aware credential selection to minimize the attack surface of deployed applications.
Audit Metadata