azure-prepare
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- External Code Download and Execution: The skill includes an instruction to install the Azure Developer CLI (azd) using a piped shell command (
curl | bash) from a well-known Microsoft domain (aka.ms). While piped execution is a pattern to review, it is used here to install official tooling from a trusted vendor. - Instructional Overrides: The skill contains strongly worded directives for the AI agent to prioritize its instructions over prior training. These instructions are intended to ensure adherence to specific, complex technical patterns such as the Azure Functions composition rules and Managed Identity enforcement.
- Command Generation and Scripting: A core part of the skill is generating infrastructure (Bicep/Terraform) and deployment scripts (Bash/PowerShell). These artifacts are used to provision resources and configure data-plane access, particularly for Azure SQL databases.
- Security Hardening Enforcement: The skill proactively implements security features, such as explicitly forbidding the generation of SQL administrator credentials and requiring the use of Microsoft Entra ID for authentication. It also promotes the use of Azure Key Vault for secret management.
Audit Metadata