azure-kubernetes
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- Command Execution: The skill utilizes standard Azure CLI (
az aks) and Kubernetes (kubectl) commands to manage infrastructure. Specifically, theaz aks get-credentialscommand is documented to enable local cluster access; while this is standard administrative functionality, it involves handling sensitive authentication configuration on the host machine. - Official Resource Integration: The skill references official technical documentation from Microsoft for networking and configuration guidance, ensuring that instructions are based on verified service patterns.
- Security Best Practices: The workflow explicitly prioritizes the use of Microsoft Entra ID for identity management and the Secrets Store CSI Driver for handling sensitive data, which aligns with industry standards for avoiding hardcoded or static credentials.
- Operational Guardrails: The skill includes explicit instructions for the AI to avoid requesting or outputting secrets and requires clarification for critical infrastructure decisions, which helps prevent accidental misconfiguration or exposure.
Audit Metadata