The Agent Skills Directory

[PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface. The skill ingests untrusted metadata from Azure resource scans to generate reports and remediation steps. 1. Ingestion points: Azure resource metadata collected by the azqr scan tool (as described in references/azure-quick-review.md). 2. Boundary markers: No explicit delimiters or instructions to ignore embedded commands are specified in the analysis workflow. 3. Capability inventory: The skill can execute Azure CLI commands (az) and retrieve Key Vault secret/key configuration. 4. Sanitization: No sanitization or validation of resource names, tags, or properties is defined before processing the data.
[COMMAND_EXECUTION] (SAFE): The skill provides structured templates and instructions for the agent to generate and execute Azure CLI commands for auditing and configuration remediation. This is consistent with the skill's primary purpose.

azure-compliance