analyze-skill-issues
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFE
COMMAND_EXECUTION
EXTERNAL_DOWNLOADS
Full Analysis
- Command Execution: The skill uses the Azure CLI (`az storage blob download`) to retrieve test results. This is an expected tool for interacting with Azure storage resources within a development environment.
- External Data Retrieval: Test logs are downloaded from the `integration-reports` container in the `strdashboardcejwwk` storage account. This data ingestion is central to the skill's functionality.
- Indirect Prompt Injection Surface: The skill processes external data from test logs to generate summaries. While this represents a surface for indirect prompt injection, the risk is minimal as the data is expected to be structured test output and is used solely for diagnostic purposes.
  - Ingestion points: Integration report blobs in Azure Storage (SKILL.md).
  - Boundary markers: The skill relies on structured JSON and XML formats for parsing results.
  - Capability inventory: Execution of Azure CLI commands to download files.
  - Sanitization: Content from error messages and stack traces is summarized for the user without explicit sanitization steps mentioned.
- Local Path Disclosure: To assist with debugging, the skill identifies the local temporary directory and provides clickable links to downloaded files using the `vscode://file/` protocol.
Audit Metadata