Skills
NYC
skills/microsoft/github-copilot-for-azure/azure-diagnostics/Gen Agent Trust Hub

azure-diagnostics

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • PROMPT_INJECTION (HIGH): The skill is vulnerable to Indirect Prompt Injection (Category 8) because it ingests untrusted log data. 1. Ingestion points: Log data is retrieved via az containerapp logs show and mcp_azure_mcp_monitor. 2. Boundary markers: Absent; no delimiters are used to separate logs from instructions. 3. Capability inventory: The skill uses state-changing commands like az containerapp update and az containerapp registry set. 4. Sanitization: Absent.
  • COMMAND_EXECUTION (MEDIUM): Utilizes the Azure CLI for diagnostic and remediation actions. The risk is elevated because commands can be executed based on the results of log queries.
  • EXTERNAL_DOWNLOADS (LOW): The skill requires the resource-graph Azure CLI extension. This is a trusted download from Microsoft, resulting in a LOW severity per [TRUST-SCOPE-RULE].
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 02:33 AM